adulau/misp-circl-feed
1
0
Fork 0
Code Issues Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/b2a90426-2dc0-4022-b51e-8be190ffb7e5.json

4155 lines
No EOL
176 KiB
JSON
Raw Blame History

{
"type": "bundle",
"id": "bundle--b2a90426-2dc0-4022-b51e-8be190ffb7e5",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-09T13:59:29.000Z",
"modified": "2024-12-09T13:59:29.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--b2a90426-2dc0-4022-b51e-8be190ffb7e5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-09T13:59:29.000Z",
"modified": "2024-12-09T13:59:29.000Z",
"name": "Operation Cobalt Whisper: Threat Actor Targets Multiple Industries Across Hong Kong and Pakistan.",
"published": "2024-12-09T13:59:37Z",
"object_refs": [
"indicator--6398a77b-16ec-49e1-a01b-ee21fc680ca8",
"indicator--5b7db6a3-ce57-45fc-94a1-ee93ff6f6c09",
"indicator--324e74b5-a6e8-40e8-968e-8296ba38d377",
"indicator--ccc93158-77fc-4262-8701-9a9e535bc831",
"indicator--96b7d8b0-e625-4dd8-9bdc-4d53406bb13a",
"indicator--5b4f987b-958a-4117-ac90-906a7d2c0d5b",
"indicator--a49c8393-9828-4056-b4c6-f3b9007a0d28",
"indicator--a02e8413-72ef-4f0f-bc08-e613b9d0835e",
"indicator--aab5fdab-0aef-4a05-8860-490342401681",
"indicator--09e1e35d-fb5e-4677-991b-2ae618cb30a7",
"indicator--582e6806-9041-4764-8201-0f96df53c6cc",
"indicator--5892d6d1-44ab-4396-9bde-23bce58e3d62",
"indicator--887fb0e4-f583-48ed-a3a6-55000f6e0e1c",
"indicator--6292fe45-7851-451f-9e37-c8944edb8139",
"indicator--7f86981c-186b-4ece-9742-8f531fb9d481",
"indicator--268336f0-7cfa-4880-b1a8-54d8a9a36439",
"indicator--29922457-8133-4f9e-8751-2eeed3561b37",
"indicator--ebcfc486-b661-4e53-9235-0b03f8fe19fd",
"indicator--bbb5cceb-b873-4ad9-85f3-4af6eba5cc48",
"indicator--472c2f1a-4706-46ac-a215-d03095307517",
"indicator--02f4a468-1032-4fba-be57-ba6c318975cc",
"indicator--35573a96-e9cc-4ec2-9aca-ecee6719f25c",
"x-misp-object--1b8cbfb3-e75c-40d6-8832-6d5c84fac0e7",
"observed-data--db522712-3c2a-40b3-82d6-0db626545d00",
"file--db522712-3c2a-40b3-82d6-0db626545d00",
"indicator--9b13a193-7889-4bb5-aca0-20b22cf2fe56",
"indicator--41f9cff2-2458-44f7-b942-24ce9cccf81a",
"indicator--f1a2744e-8b4c-4042-8233-b570d63db61f",
"indicator--47dacd0a-5c32-456c-b82f-2be210584efb",
"indicator--a2def5b1-491e-4a7c-8d97-43d1a19bfeb7",
"indicator--21ec4541-8827-4d54-a23b-ee94b44c07a2",
"indicator--b2f8b206-3ffd-4d29-a418-0ba89f8a0d80",
"observed-data--bc0c8ca9-aef4-45d6-b158-60659991e78a",
"autonomous-system--bc0c8ca9-aef4-45d6-b158-60659991e78a",
"indicator--820165b2-2839-47e3-9c15-e3ecde4b46c6",
"indicator--08784a6c-1a3c-47dd-a8a5-b00be026cb65",
"indicator--6b428716-b70d-42aa-8371-6505e9e15764",
"indicator--51d27450-a78d-4594-9b73-befcc59c0e6e",
"indicator--87e33832-d52d-4c4a-a847-c46cd304a3b1",
"indicator--46463b1d-98d8-4b3d-83d6-7a1c963c2322",
"indicator--e77062b9-66c0-4c7a-a053-474d1c5e9a0a",
"indicator--44901dd3-8354-4496-8376-a3829006950d",
"indicator--940cbb8c-cf97-447f-b3f6-b76a64537578",
"indicator--2a717f15-cdac-45e7-8a78-e19dde512f13",
"indicator--c781965f-5976-4d6c-a45e-83766f39e425",
"indicator--3aca97af-1486-42aa-8ab1-3725149197a3",
"indicator--185d1e1e-04be-4f8c-b044-9c5341776d47",
"indicator--df6b0eef-cc5c-44ec-b74a-ffc382bcb6af",
"indicator--3ba6a9bd-7ea1-4354-81e1-a511a84f745d",
"indicator--bebb3477-8c1f-45f5-bab0-e168bfae2e83",
"indicator--7e218385-2a2f-4979-8b60-3de5db8aadf6",
"indicator--09f41b08-c933-4cf2-897e-202def61f9e7",
"indicator--71443411-9237-460f-a6f4-86749fa43897",
"indicator--83932634-8959-4e71-bcfa-406271eae8d2",
"indicator--aa499230-9e96-4f84-8b34-f167a87d98a2",
"indicator--029c8e88-abe5-412b-b3a9-ca354eddb82a",
"indicator--f059bf27-95c3-4d3a-882c-978e7a2a0c54",
"indicator--01a238a0-6f98-4012-8511-d517cae7dffb",
"indicator--fcfd580e-a090-4328-a51d-abda52afd678",
"indicator--5e83d5da-9fe4-443f-8012-34703e794cdb",
"indicator--65eb55dc-922b-491a-a141-7d27f04d00a8",
"indicator--a74c9db5-0949-43b2-8a95-d54e1fbd3ced",
"indicator--d60366ee-45f0-42ca-b317-ef03a6d803e7",
"indicator--651fdb16-8da0-4e51-a3bf-a35d967ec6f3",
"indicator--313510f7-e424-42a9-b4ee-c5bc25e80aea",
"indicator--e82eee51-7a3e-408f-9b71-f3c674e7436d",
"indicator--ec2f1ed8-d9f1-4947-8d4d-f0112d2732e5",
"indicator--0a64a5f9-3510-4866-afa2-ac8a18f71e1a",
"indicator--1765719d-ec97-4224-b847-9dd56a647460",
"indicator--6d0d540d-5d7b-464b-81c0-458e2d0c435e",
"indicator--a86a825e-5a58-42b5-a6c5-d46c4087c521",
"indicator--aefff849-b1fb-4f35-8614-a1d5e84a82e2",
"indicator--b73d5970-3306-4317-9aea-888478a7951e",
"indicator--8ea1554e-3b7c-4be6-89c2-83633f0d2ec1",
"indicator--b91a0a2f-8032-4678-83a3-6f777a2d9176",
"indicator--39627527-2f28-4030-835c-f2784b3178f1",
"indicator--6a70c99b-d647-477d-83e4-3a2a1d66f979",
"indicator--20a94cbc-e558-434f-ab87-c5ae27841260",
"indicator--1506812c-07dd-4c9f-9999-7452a05dad73",
"indicator--03bb9469-26dd-4b25-a92e-932a80513577",
"indicator--d39f52e6-8f54-488c-abf8-8bf77a1d9bf2",
"indicator--057fb622-552f-412c-a3a4-ca07e78f8e2a",
"indicator--6f51ba6e-b4b2-4df0-80ce-31c7ee73cea6",
"indicator--20d5ed4c-a87d-4525-a790-03f78a193e59",
"indicator--5519d2ae-cc60-47b6-a362-f7d0723642f5",
"indicator--71f775f7-18bd-42b9-a251-da4098b652f0",
"indicator--2f5501fc-1884-4364-b4d8-2d28ce296d05",
"indicator--bd5440f2-4317-4e04-a854-7e2a3cea0d2b",
"indicator--7df38f81-8a73-43ff-ab58-a618d387661e",
"indicator--dc8768a3-47a4-47d3-b025-985dabffcee7",
"indicator--8f0494a8-c4ab-45fd-a7a8-a99b97f4d33d",
"indicator--e8c7744d-c0be-458f-85ad-7b16fb1f8d0b",
"indicator--97f79647-083e-48ab-b889-49175a6211d0",
"indicator--008c1b90-a080-4725-a028-bdccdccd8300",
"indicator--7ac348c6-47b7-4272-a1c3-7963cce8a3b8",
"indicator--70cc5d56-86cf-4459-8dfc-73e81c437019",
"indicator--b3661165-4224-4f50-843d-8797e213e61c",
"indicator--ea1a7ac0-7283-4a2e-8c7b-090cc50e446e",
"indicator--8e95f75b-4369-4375-a4e3-33a334991f4b",
"indicator--8fc716ed-d5cd-4a77-a86e-f33030e753f9",
"indicator--e76dee93-e067-4807-be0e-34f64c4926f7",
"indicator--fc3275c6-0c7f-4e7a-9e56-2c36bb615f9a",
"indicator--bbefed8e-e694-40ec-a4f7-29e48dc2497a",
"indicator--42cf629d-ec56-4b7f-9b86-af9a5e6bf9ef",
"indicator--ab5ddabf-9104-45fe-9af1-5289c567cad9",
"indicator--3debca60-913b-4ec6-ae1c-08b315622947",
"indicator--c4f84bf7-0ac1-451c-85da-7f30dbba39ca",
"indicator--c57dbb4a-1b29-4a06-9737-679ba39c8da4",
"indicator--251703cd-6adf-442f-a972-fc7cab7e7a2a",
"indicator--cee24d5d-3c31-46e8-8401-f3c5c29bcaa7",
"indicator--b300bd39-54fd-40e8-a765-d0d174de50f5",
"indicator--791ff9e5-5cd0-40ff-bf63-f2cd7383c7e3",
"indicator--6598b9af-9628-4d46-9af6-d74d13a24a29",
"indicator--885f8914-ea1b-426d-a5cc-b59ce4daaccc",
"indicator--931e198a-5701-4261-85d7-d23e86b68cd3",
"indicator--c2795f05-fdc7-481c-925f-a4094b816464",
"indicator--b58e6b1a-1b5c-4a39-97cc-0ace3d35f2be",
"indicator--5ce04549-f9e0-4605-bf06-e5d204258935",
"indicator--20be285a-60a1-4fcb-903f-7160dfec3fe1",
"indicator--34332abe-cdb8-4bdf-b5e3-cbd38418d176",
"indicator--fefb8618-bcfb-4d9f-9bca-b3a0392e5f72",
"indicator--a7e383cd-137a-4fde-9429-60ab14de88d8",
"indicator--7d348ed2-b306-48c9-bd9e-0ccee72c4058",
"indicator--be326a9c-bab9-4488-a10e-414e0a5b80bd",
"indicator--2426dcaf-76a5-4d18-ac60-e350eb20444b",
"indicator--12c4070a-a0dc-48e6-85fe-3e5208ce19b2",
"indicator--a56e2b4b-f664-45df-9915-aa3581583320",
"indicator--045cf4e4-d549-44cf-b3ed-fb557cc8a84a",
"indicator--deee69b9-46b4-4899-9d5b-77405b24b30c",
"indicator--d2ce5d32-9b96-4a7d-9ea9-2b9d4007a403",
"indicator--8725cfa5-8839-4e7a-96cf-ec97de6b8537",
"indicator--d080cbf2-9120-434e-aa70-de7049859d7c",
"indicator--436ba524-f3bb-41a7-8bf9-791818ba0a7a",
"indicator--a8faf64b-a929-4eb8-b8c0-5cbddb96cc3e",
"indicator--4a3a1c1e-bfe7-4a62-83bd-f1c19abe315a",
"indicator--2c188802-6059-4711-a9fb-21ab1377ee89",
"indicator--eb3b908d-cd68-4bdf-b435-67be29af55fc",
"indicator--aa29b3b3-ea61-4759-bb5d-42c3f4c7290b",
"indicator--2b63e32e-928d-4f19-86e6-a6ec29cfbb5e",
"indicator--a4c05655-2539-4a01-9aa5-237087d995a7",
"indicator--aff2ea1d-8bb2-477a-85d2-356cfe4370a4",
"indicator--1288977f-fcf2-4ea2-8088-c5f450531372",
"indicator--67f86d45-7614-40d3-b6a1-93a3394cc148",
"indicator--3e887d30-46fe-4c2b-907e-828353f9350e",
"indicator--bd300599-e145-4439-8ece-310b8283035e",
"indicator--88d33961-7f09-4100-87f4-808c8c76c2e9",
"indicator--13ad0784-95a8-4e0c-a604-70d97ca8cee0",
"indicator--569d3bd8-344c-4bf0-8f39-4787dd24cf97",
"indicator--5dc38a70-db1f-49ab-b5fe-091379923b33",
"indicator--07e4abb3-f362-4673-9268-c61851f41ca5",
"indicator--d83c8b76-e18f-4f29-a3aa-0618126c74fa",
"indicator--69d46884-b57a-4c88-9392-7498bdc46d57",
"indicator--82dc1d99-5639-46a2-8d7b-22c0b64effe3",
"indicator--7fad1736-be40-43a3-9a9b-0b3487a6f549",
"indicator--529c173e-f5d8-446c-ba21-1abcf035fc9b",
"indicator--dab20e98-d053-4be6-9e9c-fd1eec71d382",
"indicator--50bacb09-f6e1-4989-a58f-0f1023433c8b",
"indicator--f24c1665-0a3d-4257-a372-facb98ef1088",
"indicator--f803fba2-e19f-4448-ad51-795177174136",
"indicator--241e7905-1688-4cce-a1e3-d30209a005ca",
"indicator--60505607-04cd-4ac5-88c8-81d9f2d1d1c8",
"indicator--a615327a-db7b-4377-a479-ccfba9d47275",
"indicator--7c922262-6c07-4aee-9099-cd6805c868a6",
"indicator--843a1c5b-f572-48d5-94b9-456895527c6c",
"indicator--3558d777-37cd-437c-8898-1b14a879a2af",
"indicator--2e07885b-e91f-4651-8881-eb1961d86c51",
"indicator--b7ceacd3-df31-4497-bd91-49601b7ab85b",
"indicator--ae03cbff-9edc-482f-a36f-654e99f45e10",
"indicator--83e5df68-edbe-4016-8e96-6d407da7347e",
"relationship--23e4907d-c02b-4ef5-9d46-03c563f5cf84",
"relationship--be84382f-71d8-4488-93df-dab5ec525dfd",
"relationship--d6c6f344-7a42-451e-9441-7dd4ee1c004a",
"relationship--6e8cb0d9-17f1-43e7-9240-31f784f3f8a2"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"misp-galaxy:country=\"hong kong\"",
"misp-galaxy:country=\"pakistan\"",
"misp-galaxy:target-information=\"Hong Kong\"",
"misp-galaxy:target-information=\"Pakistan\"",
"misp-galaxy:sector=\"Academia - University\"",
"misp-galaxy:sector=\"Civil Aviation\"",
"misp-galaxy:sector=\"Defense\"",
"misp-galaxy:sector=\"Electric\"",
"misp-galaxy:sector=\"Energy\"",
"misp-galaxy:sector=\"engineering\"",
"misp-galaxy:sector=\"Environment\"",
"misp-galaxy:sector=\"IT - Security\"",
"misp-galaxy:sector=\"Multi-sector\"",
"misp-galaxy:sector=\"Pharmacy\"",
"misp-galaxy:sector=\"Security actors\"",
"misp-galaxy:mitre-attack-pattern=\"Spearphishing Attachment - T1566.001\"",
"misp-galaxy:mitre-attack-pattern=\"Malicious File - T1204.002\"",
"misp-galaxy:mitre-attack-pattern=\"Visual Basic - T1059.005\"",
"misp-galaxy:mitre-attack-pattern=\"Scheduled Task - T1053.005\"",
"misp-galaxy:mitre-attack-pattern=\"Portable Executable Injection - T1055.002\"",
"misp-galaxy:mitre-attack-pattern=\"System Owner/User Discovery - T1033\"",
"misp-galaxy:mitre-attack-pattern=\"Web Protocols - T1071.001\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\"",
"tlp:clear"
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6398a77b-16ec-49e1-a01b-ee21fc680ca8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:08:25.000Z",
"modified": "2024-11-14T14:08:25.000Z",
"description": "Spawnto_x86",
"pattern": "[file:name = '\\\\%windir\\\\%\\\\\\\\syswow64\\\\\\\\dllhost.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:08:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b7db6a3-ce57-45fc-94a1-ee93ff6f6c09",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:08:31.000Z",
"modified": "2024-11-14T14:08:31.000Z",
"description": "Spawnto_x64",
"pattern": "[file:name = '\\\\%windir\\\\%\\\\\\\\sysnative\\\\\\\\dllhost.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:08:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--324e74b5-a6e8-40e8-968e-8296ba38d377",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:08:06.000Z",
"modified": "2024-11-14T14:08:06.000Z",
"pattern": "[file:name = 'ImeBroker.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:08:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ccc93158-77fc-4262-8701-9a9e535bc831",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:12:58.000Z",
"modified": "2024-11-14T14:12:58.000Z",
"pattern": "[windows-registry-key:key = '\u201cC:\\\\LLVM\\\\bin\\\\LnkFishing\\\\.asset\\\\.asset.pdf\u201c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:12:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Persistence mechanism"
}
],
"labels": [
"misp:type=\"regkey\"",
"misp:category=\"Persistence mechanism\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--96b7d8b0-e625-4dd8-9bdc-4d53406bb13a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:13:13.000Z",
"modified": "2024-11-14T14:13:13.000Z",
"pattern": "[file:name = 'PressMe.pdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:13:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5b4f987b-958a-4117-ac90-906a7d2c0d5b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:23:33.000Z",
"modified": "2024-11-14T14:23:33.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '43.137.69.76']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:23:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a49c8393-9828-4056-b4c6-f3b9007a0d28",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:23:33.000Z",
"modified": "2024-11-14T14:23:33.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.155.190.198']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:23:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a02e8413-72ef-4f0f-bc08-e613b9d0835e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:23:33.000Z",
"modified": "2024-11-14T14:23:33.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '106.55.77.71']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:23:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aab5fdab-0aef-4a05-8860-490342401681",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:23:33.000Z",
"modified": "2024-11-14T14:23:33.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '129.204.98.221']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:23:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--09e1e35d-fb5e-4677-991b-2ae618cb30a7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:23:33.000Z",
"modified": "2024-11-14T14:23:33.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '119.45.2.30']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:23:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--582e6806-9041-4764-8201-0f96df53c6cc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:23:33.000Z",
"modified": "2024-11-14T14:23:33.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '119.45.67.241']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:23:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5892d6d1-44ab-4396-9bde-23bce58e3d62",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:23:33.000Z",
"modified": "2024-11-14T14:23:33.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '119.45.2.56']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:23:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--887fb0e4-f583-48ed-a3a6-55000f6e0e1c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:23:40.000Z",
"modified": "2024-11-14T14:23:40.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.155.190.84']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:23:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6292fe45-7851-451f-9e37-c8944edb8139",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:33:04.000Z",
"modified": "2024-11-14T14:33:04.000Z",
"pattern": "[domain-name:value = 'service-a8vp3r65-1319584009.cd.tencentapigw.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:33:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7f86981c-186b-4ece-9742-8f531fb9d481",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:33:04.000Z",
"modified": "2024-11-14T14:33:04.000Z",
"pattern": "[domain-name:value = 'service-c2y0jtba-1319584009.gz.tencentapigw.com.cn']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:33:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--268336f0-7cfa-4880-b1a8-54d8a9a36439",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:33:04.000Z",
"modified": "2024-11-14T14:33:04.000Z",
"pattern": "[domain-name:value = 'service-qgezbin5-1319584009.sh.tencentapigw.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:33:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--29922457-8133-4f9e-8751-2eeed3561b37",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:33:04.000Z",
"modified": "2024-11-14T14:33:04.000Z",
"pattern": "[domain-name:value = 'service-h87kxr41-1319584009.bj.tencentapigw.com.cn']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:33:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ebcfc486-b661-4e53-9235-0b03f8fe19fd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:33:04.000Z",
"modified": "2024-11-14T14:33:04.000Z",
"pattern": "[domain-name:value = 'service-cyuasu6k-1319584009.nj.tencentapigw.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:33:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bbb5cceb-b873-4ad9-85f3-4af6eba5cc48",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:33:04.000Z",
"modified": "2024-11-14T14:33:04.000Z",
"pattern": "[domain-name:value = 'service-3z1ebnpd-1319584009.sh.tencentapigw.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:33:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--472c2f1a-4706-46ac-a215-d03095307517",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:33:04.000Z",
"modified": "2024-11-14T14:33:04.000Z",
"pattern": "[domain-name:value = 'service-b4ibcyjt-1325935989.sh.tencentapigw.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:33:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--02f4a468-1032-4fba-be57-ba6c318975cc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:33:04.000Z",
"modified": "2024-11-14T14:33:04.000Z",
"pattern": "[domain-name:value = 'service-k6iylaqt-1319584009.bj.tencentapigw.com.cn']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:33:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--35573a96-e9cc-4ec2-9aca-ecee6719f25c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:33:04.000Z",
"modified": "2024-11-14T14:33:04.000Z",
"pattern": "[domain-name:value = 'service-7wu3p58s-1319584009.nj.tencentapigw.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:33:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--1b8cbfb3-e75c-40d6-8832-6d5c84fac0e7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T08:15:03.000Z",
"modified": "2024-11-14T08:15:03.000Z",
"labels": [
"misp:name=\"report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "link",
"value": "https://www.seqrite.com/blog/operation-cobalt-whisper-targets-industries-hong-kong-pakistan/",
"category": "External analysis",
"uuid": "1b6e34a2-0ed7-478c-8290-d9b17e3493b9"
},
{
"type": "text",
"object_relation": "summary",
"value": "SEQRITE Labs APT-Team has recently uncovered a campaign targeting various industries such as the Defense Sector in Pakistan and predominantly researchers from Hong Kong. Tracked as Operation Cobalt Whisper, the entire campaign heavily leverages the use of a post-exploitation tool Cobalt Strike, which is deployed using obfuscated VBScript. A total of 20 infection chains have been identified so far along with additional individual samples, where 18 of them target Hong Kong and two target Pakistan where over 30 decoy files have been identified.\r\n\r\nIn this blog, we will explore the technical details of one of the campaigns we encountered during our initial analysis and examine the various stages of the infection chain, starting with a deep dive into the decoy documents. We will then look into the common Tactics, Techniques, and Procedures (TTPs), such as the use of malicious VBScript and LNK payloads employed by this threat actor across most campaigns. These methods facilitate the in-memory execution of the Cobalt Strike implant, which is delivered alongside these lures in an archive file.",
"category": "Other",
"uuid": "22422227-dbee-4500-b642-08f012a0e0b9"
},
{
"type": "text",
"object_relation": "title",
"value": "Operation Cobalt Whisper: Threat Actor Targets Multiple Industries Across Hong Kong and Pakistan.",
"category": "Other",
"uuid": "df05ca98-6014-4495-8873-75ffa6e04777"
},
{
"type": "text",
"object_relation": "type",
"value": "Blog",
"category": "Other",
"uuid": "0e88436d-a481-4066-a7eb-4df269791290"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "report"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--db522712-3c2a-40b3-82d6-0db626545d00",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T10:16:30.000Z",
"modified": "2024-11-14T10:16:30.000Z",
"first_observed": "2024-11-14T10:16:30Z",
"last_observed": "2024-11-14T10:16:30Z",
"number_observed": 1,
"object_refs": [
"file--db522712-3c2a-40b3-82d6-0db626545d00"
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"False\""
]
},
{
"type": "file",
"spec_version": "2.1",
"id": "file--db522712-3c2a-40b3-82d6-0db626545d00",
"name": "malicious.rar"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9b13a193-7889-4bb5-aca0-20b22cf2fe56",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T10:16:51.000Z",
"modified": "2024-11-14T10:16:51.000Z",
"pattern": "[file:name = '\u9644\u4ef61\uff1a\u300a2024\u5e74\u5ea6\u4e2d\u56fd\u7535\u5de5\u6280\u672f\u5b66\u4f1a\u79d1\u5b66\u6280\u672f\u5956\u63a8\u8350\u63d0\u540d\u4e66\u300b\uff08\u6280\u672f\u53d1\u660e\u5956\u548c\u79d1\u6280\u8fdb\u6b65\u5956\uff09\u586b\u62a5\u8bf4\u660e(2024\u5e748\u6708\u65b0\u7248).pdf.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T10:16:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--41f9cff2-2458-44f7-b942-24ce9cccf81a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T10:12:51.000Z",
"modified": "2024-11-14T10:12:51.000Z",
"pattern": "[file:name = 'cache.bak']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T10:12:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f1a2744e-8b4c-4042-8233-b570d63db61f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T10:18:47.000Z",
"modified": "2024-11-14T10:18:47.000Z",
"pattern": "[file:name = 'O365.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T10:18:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--47dacd0a-5c32-456c-b82f-2be210584efb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T10:41:36.000Z",
"modified": "2024-11-14T10:41:36.000Z",
"description": "Decoy document",
"pattern": "[file:name = 'subscription.db']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T10:41:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a2def5b1-491e-4a7c-8d97-43d1a19bfeb7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T10:59:11.000Z",
"modified": "2024-11-14T10:59:11.000Z",
"description": "Decoy document",
"pattern": "[file:name = '\u9644\u4ef62\uff1a\u300a\u4e2d\u56fd\u7535\u5de5\u6280\u672f\u5b66\u4f1a\u79d1\u5b66\u6280\u672f\u5956\u52b1\u529e\u6cd5\u300b\uff082024\u5e744\u6708\u4fee\u8ba2\uff09.pdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T10:59:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--21ec4541-8827-4d54-a23b-ee94b44c07a2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T13:57:44.000Z",
"modified": "2024-11-14T13:57:44.000Z",
"pattern": "[file:name = 'sigverif.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T13:57:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b2f8b206-3ffd-4d29-a418-0ba89f8a0d80",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:04:12.000Z",
"modified": "2024-11-14T14:04:12.000Z",
"pattern": "[(network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.155.190.84') AND (network-traffic:dst_ref.type = 'domain-name' AND network-traffic:dst_ref.value = 'service-a8vp3r65-1319584009.cd.tencentapigw.com') AND network-traffic:dst_port = '443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-14T14:04:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "network"
}
],
"labels": [
"misp:name=\"ip-port\"",
"misp:meta-category=\"network\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--bc0c8ca9-aef4-45d6-b158-60659991e78a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-14T14:21:57.000Z",
"modified": "2024-11-14T14:21:57.000Z",
"first_observed": "2024-11-14T14:21:57Z",
"last_observed": "2024-11-14T14:21:57Z",
"number_observed": 1,
"object_refs": [
"autonomous-system--bc0c8ca9-aef4-45d6-b158-60659991e78a"
],
"labels": [
"misp:name=\"asn\"",
"misp:meta-category=\"network\"",
"misp:to_ids=\"False\""
]
},
{
"type": "autonomous-system",
"spec_version": "2.1",
"id": "autonomous-system--bc0c8ca9-aef4-45d6-b158-60659991e78a",
"number": 45090,
"x_misp_country": "China"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--820165b2-2839-47e3-9c15-e3ecde4b46c6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-11-15T08:19:13.000Z",
"modified": "2024-11-15T08:19:13.000Z",
"pattern": "[file:hashes.MD5 = '86543a984e604430fb7685a1e707b2c4' AND file:name = '\u79d1\u5b66\u6280\u672f\u5956\u586b\u62a5\u8bf4\u660e\u548c\u5956\u52b1\u529e\u6cd5\u4fee\u8ba2\u7248.rar']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-11-15T08:19:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--08784a6c-1a3c-47dd-a8a5-b00be026cb65",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:25.000Z",
"modified": "2024-12-06T13:58:25.000Z",
"pattern": "[file:hashes.MD5 = '95557088474250a9749b958c3935dee4' AND file:name = '\u6700\u65b0\u505c\u8f66\u573a\u6536\u8d39\u6807\u51c6\u8c03\u6574\u65b9\u6848.rar']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6b428716-b70d-42aa-8371-6505e9e15764",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:25.000Z",
"modified": "2024-12-06T13:58:25.000Z",
"pattern": "[file:hashes.MD5 = '95f05674e4cb18a363346b488b67fd38' AND file:name = '\u2552\u03b4\u2562\u2558\u00ed\u2562\u2502\u0398\u2566\u00ab\u2568\u03b5\u2500\u2584\u2561\u03c4\u2552\u255b\u2569\u03a3\u2566\u00ab\u2556\u00f3\u2561\u03c4\u2567\u2561\u2550\u2502\u2556\u255c\u2591\u2555\u2554\u03a6\u255d\u255e\u2592\u255a\u2564\u00ed\u2564\u2568\u255b\u2510\u00ed\u2556\u2561\u2500\u2568\u2590\u2555\u2500\u255c\u00bf\u2565\u0398.zip']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--51d27450-a78d-4594-9b73-befcc59c0e6e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:25.000Z",
"modified": "2024-12-06T13:58:25.000Z",
"pattern": "[file:hashes.MD5 = 'b8c94d2f66481cc52b30948f65fed761' AND file:name = '\u2563\u03c0\u2555\u00b5\u2550\u2562\u2556\u253c\u2565\u00ac\u255f\u2264\u2569\u0398.zip']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--87e33832-d52d-4c4a-a847-c46cd304a3b1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:25.000Z",
"modified": "2024-12-06T13:58:25.000Z",
"pattern": "[file:hashes.MD5 = '4cf9bd6af64c3937e156ffb20537a6c1' AND file:name = '\u9884\u52a0\u6cb9\u822a\u73ed\u7ba1\u7406\u65b9\u6cd5\u7814\u7a76\u4e0e\u8f6f\u4ef6\u5b9e\u73b0\uff08\u4fee\u6539\u610f\u89c1\uff09.rar']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--46463b1d-98d8-4b3d-83d6-7a1c963c2322",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:26.000Z",
"modified": "2024-12-06T13:58:26.000Z",
"pattern": "[file:hashes.MD5 = 'b2649134fbf0520222263d73b7e985d8' AND file:name = 'aaa.zip']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e77062b9-66c0-4c7a-a053-474d1c5e9a0a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:26.000Z",
"modified": "2024-12-06T13:58:26.000Z",
"pattern": "[file:hashes.MD5 = 'af669dfa074eb9b6fda3fd258f58e2d2' AND file:name = '\u8d3e\u54f2\u6587-\u4e91\u5357\u5927\u5b66-\u73af\u5883\u5de5\u7a0b.rar']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--44901dd3-8354-4496-8376-a3829006950d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:26.000Z",
"modified": "2024-12-06T13:58:26.000Z",
"pattern": "[file:hashes.MD5 = '865483fea76242e687aa9e76b1a37f28' AND file:name = '\u5218\u6f47-\u6e05\u534e\u5927\u5b66-\u8ba1\u7b97\u673a.rar']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--940cbb8c-cf97-447f-b3f6-b76a64537578",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:26.000Z",
"modified": "2024-12-06T13:58:26.000Z",
"pattern": "[file:hashes.MD5 = '432230af1d59dac7dfb47e0684807240' AND file:name = '\u674e\u65b0\u5b87-\u5317\u4eac\u5927\u5b66-2026\u6bd5\u4e1a-\u91d1\u878d\u7855\u58eb.rar']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2a717f15-cdac-45e7-8a78-e19dde512f13",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:26.000Z",
"modified": "2024-12-06T13:58:26.000Z",
"pattern": "[file:hashes.MD5 = 'b9d04a61b30ddf53b28bf58a86fc28f5' AND file:name = '\u70ed\u6838\u805a\u53d8\u53d1\u7535\u5c9b\u4e09\u56de\u8def\u53c2\u6570\u4f18\u5316\u7814\u7a76\uff08\u4fee\u6539\u610f\u89c1\uff09.rar']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c781965f-5976-4d6c-a45e-83766f39e425",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:26.000Z",
"modified": "2024-12-06T13:58:26.000Z",
"pattern": "[file:hashes.MD5 = '2d478e4527486d85932254c7a7413951' AND file:name = '\u56fd\u5bb6\u4e92\u8054\u7f51\u5e94\u6025\u4e2d\u5fc3CCSC\u8ba4\u8bc1\u9080\u8bf7\u51fd_\u6d77\u5173\u4fe1\u606f\u4e2d\u5fc3.rar']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3aca97af-1486-42aa-8ab1-3725149197a3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:26.000Z",
"modified": "2024-12-06T13:58:26.000Z",
"pattern": "[file:hashes.MD5 = 'e08dcbbd3e2ab9bcc2c02c44b6a97870' AND file:name = '\u5f02\u6784\u5e73\u53f0\u8981\u7d20\u534f\u540c\u7406\u8bba\u65b9\u6cd5\u7814\u7a76(\u4fee\u6539\u610f\u89c1).rar']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--185d1e1e-04be-4f8c-b044-9c5341776d47",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:26.000Z",
"modified": "2024-12-06T13:58:26.000Z",
"pattern": "[file:hashes.MD5 = 'fe4c575abf70ad11cdbce0b0821ee681' AND file:name = '\u535a\u58eb\u540e\u7533\u8bf7-\u738b\u7389\u73ba-\u534e\u4e2d\u79d1\u6280\u5927\u5b66-\u7535\u6c14\u4e0e\u7535\u5b50\u5de5\u7a0b-\u535a\u58eb.rar']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--df6b0eef-cc5c-44ec-b74a-ffc382bcb6af",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:26.000Z",
"modified": "2024-12-06T13:58:26.000Z",
"pattern": "[file:hashes.MD5 = '68278e47f36a44d9a8bbd46b74422bbe' AND file:name = '\u4f01\u4e1a\u8d44\u8d28\u6750\u6599.zip']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3ba6a9bd-7ea1-4354-81e1-a511a84f745d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:26.000Z",
"modified": "2024-12-06T13:58:26.000Z",
"pattern": "[file:hashes.MD5 = '58f5ff5be4e765e62758b1f3e679a2ac' AND file:name = '\u9488\u5bf9\u300a\u82cd\u672f\u500d\u534a\u841c\u7c7b\u5316\u5408\u7269\u751f\u7269\u5408\u6210\u7684\u7814\u7a76\u8fdb\u5c55\u300b\u7684\u4fee\u6539\u5efa\u8bae.rar']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bebb3477-8c1f-45f5-bab0-e168bfae2e83",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:26.000Z",
"modified": "2024-12-06T13:58:26.000Z",
"pattern": "[file:hashes.MD5 = '955841a4d2315422818b47aec6ce51fb' AND file:name = '\u4e2d\u503a\u6570\u636e\u65e0\u6cd5\u4f7f\u7528\u60c5\u51b5.rar']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7e218385-2a2f-4979-8b60-3de5db8aadf6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:27.000Z",
"modified": "2024-12-06T13:58:27.000Z",
"pattern": "[file:hashes.MD5 = '75def3a25b1d355c9163d3c247990867' AND file:name = '\u53c2\u7f16\u300a\u4eba\u5de5\u667a\u80fd\u901a\u7528\u5927\u6a21\u578b\u5408\u89c4\u7ba1\u7406\u4f53\u7cfb \u6307\u5357\u300b\u7533\u8bf7\u8868.rar']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--09f41b08-c933-4cf2-897e-202def61f9e7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:27.000Z",
"modified": "2024-12-06T13:58:27.000Z",
"pattern": "[file:hashes.MD5 = '343a3944218a040089fa7131112c1681' AND file:name = '\u4e2d\u56fd\u5916\u6c47\u4ea4\u6613\u4e2d\u5fc3\u4fe1\u606f\u4ea7\u54c1\u8bb8\u53ef\u8868.rar']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--71443411-9237-460f-a6f4-86749fa43897",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:27.000Z",
"modified": "2024-12-06T13:58:27.000Z",
"pattern": "[file:hashes.MD5 = 'b28bb7cabfb12e9bc5b87692b065c83a' AND file:name = 'Islamabad_Security_Dialogue_Pub.rar']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--83932634-8959-4e71-bcfa-406271eae8d2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:27.000Z",
"modified": "2024-12-06T13:58:27.000Z",
"pattern": "[file:hashes.MD5 = '7728fee377137e83e9bd1c609cc166c0' AND file:name = 'IDEAS_2024_Calling_Letter.zip']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aa499230-9e96-4f84-8b34-f167a87d98a2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T13:58:27.000Z",
"modified": "2024-12-06T13:58:27.000Z",
"pattern": "[file:hashes.MD5 = 'dad7d9528e9506ebd0524b3ebd89ddf2' AND file:name = 'Final_Combined_Forecast_MCP_FY_2024_25.zip']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T13:58:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--029c8e88-abe5-412b-b3a9-ca354eddb82a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:02:15.000Z",
"modified": "2024-12-06T14:02:15.000Z",
"pattern": "[file:hashes.MD5 = 'a02a664f80d9011e38c45762683771c0' AND file:name = 'Final_Combined_Forecast_MCP_FY_2024_25.pdf.lnk' AND file:name = '12th_Edition_Of_Innovation_&_Excellence_IDEAS_2024.pdf.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:02:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f059bf27-95c3-4d3a-882c-978e7a2a0c54",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:03:00.000Z",
"modified": "2024-12-06T14:03:00.000Z",
"pattern": "[file:hashes.MD5 = 'd73a5c11423923d8a8c483cf6172f7e2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:03:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--01a238a0-6f98-4012-8511-d517cae7dffb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:42.000Z",
"modified": "2024-12-06T14:07:42.000Z",
"pattern": "[file:hashes.MD5 = '22c07c76020f9311385cfaa97a2d6adb' AND file:name = '\u9644\u4ef61\uff1a\u300a2024\u5e74\u5ea6\u4e2d\u56fd\u7535\u5de5\u6280\u672f\u5b66\u4f1a\u79d1\u5b66\u6280\u672f\u5956\u63a8\u8350\u63d0\u540d\u4e66\u300b\uff08\u6280\u672f\u53d1\u660e\u5956\u548c\u79d1\u6280\u8fdb\u6b65\u5956\uff09\u586b\u62a5\u8bf4\u660e(2024\u5e748\u6708\u65b0\u7248).pdf.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fcfd580e-a090-4328-a51d-abda52afd678",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:42.000Z",
"modified": "2024-12-06T14:07:42.000Z",
"pattern": "[file:hashes.MD5 = '7a494f7448bc350bb46fb7f21450d1d9' AND file:name = '\u6700\u65b0\u505c\u8f66\u573a\u6536\u8d39\u6807\u51c6\u8c03\u6574\u65b9\u6848.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5e83d5da-9fe4-443f-8012-34703e794cdb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:42.000Z",
"modified": "2024-12-06T14:07:42.000Z",
"pattern": "[file:hashes.MD5 = '3c3986899bdb4890ea6d44c00538e2fd' AND file:name = '\u2552\u03b4\u2562\u2558\u00ed\u2562\u2502\u0398\u2566\u00ab\u2568\u03b5\u2500\u2584\u2561\u03c4\u2552\u255b\u2569\u03a3\u2566\u00ab\u2556\u00f3\u2561\u03c4\u2567\u2561\u2550\u2502\u2556\u255c\u2591\u2555\u2554\u03a6\u255d\u255e\u2592\u255a\u2564\u00ed\u2564\u2568\u255b\u2510\u00ed\u2556\u2561\u2500\u2568\u2590\u2555\u2500\u255c\u00bf\u2565\u0398.docx.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--65eb55dc-922b-491a-a141-7d27f04d00a8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:42.000Z",
"modified": "2024-12-06T14:07:42.000Z",
"pattern": "[file:hashes.MD5 = '74ca14032a93be59098d607ba7039660' AND file:name = '\u9884\u52a0\u6cb9\u822a\u73ed\u7ba1\u7406\u65b9\u6cd5\u7814\u7a76\u4e0e\u8f6f\u4ef6\u5b9e\u73b0\uff08\u4fee\u6539\u610f\u89c1\uff09.docx.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a74c9db5-0949-43b2-8a95-d54e1fbd3ced",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:42.000Z",
"modified": "2024-12-06T14:07:42.000Z",
"pattern": "[file:hashes.MD5 = 'cd14d51d27f294c2e60d1bc3ef907160' AND file:name = '\u7535\u5f71\u5ba3\u4f20\u8981\u6c42.pdf.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d60366ee-45f0-42ca-b317-ef03a6d803e7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:42.000Z",
"modified": "2024-12-06T14:07:42.000Z",
"pattern": "[file:hashes.MD5 = 'db08274efb374e2196a9f46961c8d8f8' AND file:name = '\u9700\u4f7f\u7528\u4e2d\u503a\u6570\u636e.jpg.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--651fdb16-8da0-4e51-a3bf-a35d967ec6f3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:42.000Z",
"modified": "2024-12-06T14:07:42.000Z",
"pattern": "[file:hashes.MD5 = '62eb90df5ee3a3b443c277d12b893141' AND file:name = '\u8d3e\u54f2\u6587-\u4e91\u5357\u5927\u5b66-\u73af\u5883\u5de5\u7a0b.docx.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--313510f7-e424-42a9-b4ee-c5bc25e80aea",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:42.000Z",
"modified": "2024-12-06T14:07:42.000Z",
"pattern": "[file:hashes.MD5 = '41b5d5a04cf4534550e6ac3fc9a8f42d' AND file:name = '\u5218\u6f47-\u6e05\u534e\u5927\u5b66-\u8ba1\u7b97\u673a\u79d1\u5b66\u4e0e\u6280\u672f\u5b66\u9662-\u7855\u58eb.pdf.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e82eee51-7a3e-408f-9b71-f3c674e7436d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:43.000Z",
"modified": "2024-12-06T14:07:43.000Z",
"pattern": "[file:hashes.MD5 = 'ae55cb4988f2f45197132631f5a86632' AND file:name = 'filename.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ec2f1ed8-d9f1-4947-8d4d-f0112d2732e5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:43.000Z",
"modified": "2024-12-06T14:07:43.000Z",
"pattern": "[file:hashes.MD5 = '5ae488083403cd69002c29ef6326cca7' AND file:name = '\u674e\u65b0\u5b87-\u5317\u4eac\u5927\u5b66-2026\u6bd5\u4e1a-\u91d1\u878d\u7855\u58eb.pdf.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0a64a5f9-3510-4866-afa2-ac8a18f71e1a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:43.000Z",
"modified": "2024-12-06T14:07:43.000Z",
"pattern": "[file:hashes.MD5 = '72011305317d7e9d38a0e75650f22e34' AND file:name = '\u4fee\u6539\u5efa\u8bae.docx.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1765719d-ec97-4224-b847-9dd56a647460",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:43.000Z",
"modified": "2024-12-06T14:07:43.000Z",
"pattern": "[file:hashes.MD5 = '473adee7068573fd01862b4bf43979e6' AND file:name = 'Islamabad_Security_Dialogue_Pub.pdf.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6d0d540d-5d7b-464b-81c0-458e2d0c435e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:43.000Z",
"modified": "2024-12-06T14:07:43.000Z",
"pattern": "[file:hashes.MD5 = '10d0a351df1bfe57494ac18a7f2edec1' AND file:name = '\u70ed\u6838\u805a\u53d8\u53d1\u7535\u5c9b\u4e09\u56de\u8def\u53c2\u6570\u4f18\u5316\u7814\u7a76\uff08\u4fee\u6539\u610f\u89c1\uff09.docx.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a86a825e-5a58-42b5-a6c5-d46c4087c521",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:43.000Z",
"modified": "2024-12-06T14:07:43.000Z",
"pattern": "[file:hashes.MD5 = '10d6fb6ab395001a4424058a52c3c69f' AND file:name = '\u56fd\u5bb6\u4e92\u8054\u7f51\u5e94\u6025\u4e2d\u5fc3CCSC\u8ba4\u8bc1\u9080\u8bf7\u51fd_\u6d77\u5173\u4fe1\u606f\u4e2d\u5fc3.pdf.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aefff849-b1fb-4f35-8614-a1d5e84a82e2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:43.000Z",
"modified": "2024-12-06T14:07:43.000Z",
"pattern": "[file:hashes.MD5 = '1070fc4a998cb7515842fb1b647340be' AND file:name = '\u5f02\u6784\u5e73\u53f0\u8981\u7d20\u534f\u540c\u7406\u8bba\u65b9\u6cd5\u7814\u7a76(\u4fee\u6539\u610f\u89c1).docx.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b73d5970-3306-4317-9aea-888478a7951e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:43.000Z",
"modified": "2024-12-06T14:07:43.000Z",
"pattern": "[file:hashes.MD5 = '1b538fef54102fd36e83e4fc549f960e' AND file:name = '\u535a\u58eb\u540e\u7533\u8bf7-\u738b\u7389\u73ba-\u534e\u4e2d\u79d1\u6280\u5927\u5b66-\u7535\u6c14\u4e0e\u7535\u5b50\u5de5\u7a0b\u535a\u58eb-\u7b80\u5386.pdf.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8ea1554e-3b7c-4be6-89c2-83633f0d2ec1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:43.000Z",
"modified": "2024-12-06T14:07:43.000Z",
"pattern": "[file:hashes.MD5 = 'c8231c5709ca548f1fe70f3b61d3537a' AND file:name = '\u9488\u5bf9\u300a\u82cd\u672f\u500d\u534a\u841c\u7c7b\u5316\u5408\u7269\u751f\u7269\u5408\u6210\u7684\u7814\u7a76\u8fdb\u5c55\u300b\u7684\u4fee\u6539\u5efa\u8bae.docx.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b91a0a2f-8032-4678-83a3-6f777a2d9176",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:43.000Z",
"modified": "2024-12-06T14:07:43.000Z",
"pattern": "[file:hashes.MD5 = '955a8b63723eb35686ddce6cbfe890cf' AND file:name = '\u4e2d\u503a\u6570\u636e\u65e0\u6cd5\u4f7f\u7528\u60c5\u51b5.jpg.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--39627527-2f28-4030-835c-f2784b3178f1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:43.000Z",
"modified": "2024-12-06T14:07:43.000Z",
"pattern": "[file:hashes.MD5 = 'da623c5ca61e25c6205904a5cb91bd55' AND file:name = '\u53c2\u7f16\u300a\u4eba\u5de5\u667a\u80fd\u901a\u7528\u5927\u6a21\u578b\u5408\u89c4\u7ba1\u7406\u4f53\u7cfb \u6307\u5357\u300b\u7533\u8bf7\u8868.pdf.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6a70c99b-d647-477d-83e4-3a2a1d66f979",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:43.000Z",
"modified": "2024-12-06T14:07:43.000Z",
"pattern": "[file:hashes.MD5 = 'afc805006390b00713898c09d50343b6' AND file:name = '\u4e2d\u56fd\u5916\u6c47\u4ea4\u6613\u4e2d\u5fc3\u4fe1\u606f\u4ea7\u54c1\u8bb8\u53ef\u8868.doc.lnk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--20a94cbc-e558-434f-ab87-c5ae27841260",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:44.000Z",
"modified": "2024-12-06T14:07:44.000Z",
"pattern": "[file:hashes.MD5 = '0a34cc8983fb581a59308135868b75d0' AND file:name = 'O365.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1506812c-07dd-4c9f-9999-7452a05dad73",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:44.000Z",
"modified": "2024-12-06T14:07:44.000Z",
"pattern": "[file:hashes.MD5 = '5d18995193465c618844949f0ff9c786' AND file:name = 'cache.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--03bb9469-26dd-4b25-a92e-932a80513577",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:44.000Z",
"modified": "2024-12-06T14:07:44.000Z",
"pattern": "[file:hashes.MD5 = '4c409d7201ec5dccf55a8ea54b0de101' AND file:name = 'DS_Store.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d39f52e6-8f54-488c-abf8-8bf77a1d9bf2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:44.000Z",
"modified": "2024-12-06T14:07:44.000Z",
"pattern": "[file:hashes.MD5 = '39ab2053406493b9a0d81ed40212ffa8' AND file:name = 'O365.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--057fb622-552f-412c-a3a4-ca07e78f8e2a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:44.000Z",
"modified": "2024-12-06T14:07:44.000Z",
"pattern": "[file:hashes.MD5 = '4711d0d163c00158abd4b20177d68b9a' AND file:name = 'DS_Store.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6f51ba6e-b4b2-4df0-80ce-31c7ee73cea6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:44.000Z",
"modified": "2024-12-06T14:07:44.000Z",
"pattern": "[file:hashes.MD5 = '3dce8d8f9664c755448413cbfe1bc08f' AND file:name = 'DS_Store.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--20d5ed4c-a87d-4525-a790-03f78a193e59",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:44.000Z",
"modified": "2024-12-06T14:07:44.000Z",
"pattern": "[file:hashes.MD5 = '3b573c2229b43bde50f998f6cba17f2f' AND file:name = 'DS_Store.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5519d2ae-cc60-47b6-a362-f7d0723642f5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:44.000Z",
"modified": "2024-12-06T14:07:44.000Z",
"pattern": "[file:hashes.MD5 = '318a1a18df75b49f72fbcc020384cc24' AND file:name = 'DS_Store.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--71f775f7-18bd-42b9-a251-da4098b652f0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:44.000Z",
"modified": "2024-12-06T14:07:44.000Z",
"pattern": "[file:hashes.MD5 = 'a0d760492c0193d14114792f0c3fff7a' AND file:name = 'cache.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2f5501fc-1884-4364-b4d8-2d28ce296d05",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:44.000Z",
"modified": "2024-12-06T14:07:44.000Z",
"pattern": "[file:hashes.MD5 = 'cafdc03dcbe06ac43ec25fb38c1e013f' AND file:name = 'cache.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bd5440f2-4317-4e04-a854-7e2a3cea0d2b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:44.000Z",
"modified": "2024-12-06T14:07:44.000Z",
"pattern": "[file:hashes.MD5 = 'd13828ae89a7dab34d2f380eef518332' AND file:name = 'cache.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7df38f81-8a73-43ff-ab58-a618d387661e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:44.000Z",
"modified": "2024-12-06T14:07:44.000Z",
"pattern": "[file:hashes.MD5 = '7e98bb7ffba4cf12d29132a2c71973eb' AND file:name = 'cache.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dc8768a3-47a4-47d3-b025-985dabffcee7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:45.000Z",
"modified": "2024-12-06T14:07:45.000Z",
"pattern": "[file:hashes.MD5 = 'c3d460ac3a93e86782c2bc374aa5ecd2' AND file:name = 'Anx.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8f0494a8-c4ab-45fd-a7a8-a99b97f4d33d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:45.000Z",
"modified": "2024-12-06T14:07:45.000Z",
"pattern": "[file:hashes.MD5 = '93eafad827126a9d12fc1d0e6e21aaef' AND file:name = 'cal.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e8c7744d-c0be-458f-85ad-7b16fb1f8d0b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:45.000Z",
"modified": "2024-12-06T14:07:45.000Z",
"pattern": "[file:hashes.MD5 = 'a4a47dd08cf59f8b6a7c907cf0e39029' AND file:name = 'cal.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--97f79647-083e-48ab-b889-49175a6211d0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:45.000Z",
"modified": "2024-12-06T14:07:45.000Z",
"pattern": "[file:hashes.MD5 = 'b2c882f6121d758cfcd4ece31834f497' AND file:name = 'O365.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--008c1b90-a080-4725-a028-bdccdccd8300",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:45.000Z",
"modified": "2024-12-06T14:07:45.000Z",
"pattern": "[file:hashes.MD5 = '86e4c5d39dda20eee4dd8f794be04c80' AND file:name = 'DS_Store.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7ac348c6-47b7-4272-a1c3-7963cce8a3b8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:45.000Z",
"modified": "2024-12-06T14:07:45.000Z",
"pattern": "[file:hashes.MD5 = 'e7f3c33a5cd569ebf4b57381f03c5337' AND file:name = 'cache.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--70cc5d56-86cf-4459-8dfc-73e81c437019",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:45.000Z",
"modified": "2024-12-06T14:07:45.000Z",
"pattern": "[file:hashes.MD5 = '7ac5daaa5fe4e59137271eaf97c9e692' AND file:name = 'O365.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b3661165-4224-4f50-843d-8797e213e61c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:45.000Z",
"modified": "2024-12-06T14:07:45.000Z",
"pattern": "[file:hashes.MD5 = 'a2f64bafeafbeb303d24fd6ed1f5a89a' AND file:name = 'DS_Store.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ea1a7ac0-7283-4a2e-8c7b-090cc50e446e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:45.000Z",
"modified": "2024-12-06T14:07:45.000Z",
"pattern": "[file:hashes.MD5 = '8ba5b61454a29e09e7f536e85c951f53' AND file:name = 'DS_Store.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8e95f75b-4369-4375-a4e3-33a334991f4b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:45.000Z",
"modified": "2024-12-06T14:07:45.000Z",
"pattern": "[file:hashes.MD5 = '4eeeb2b40e7189c271098c515b8f91d8' AND file:name = 'DS_Store.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8fc716ed-d5cd-4a77-a86e-f33030e753f9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:45.000Z",
"modified": "2024-12-06T14:07:45.000Z",
"pattern": "[file:hashes.MD5 = '3711e1913f2ae74c4fc765bc28dbc60f' AND file:name = 'DS_Store.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e76dee93-e067-4807-be0e-34f64c4926f7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:45.000Z",
"modified": "2024-12-06T14:07:45.000Z",
"pattern": "[file:hashes.MD5 = 'e112698125e67a1a6f26597371cae502' AND file:name = 'DS_Store.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fc3275c6-0c7f-4e7a-9e56-2c36bb615f9a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:46.000Z",
"modified": "2024-12-06T14:07:46.000Z",
"pattern": "[file:hashes.MD5 = '67dc90468327a0c733ca48881084593b' AND file:name = 'cache.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bbefed8e-e694-40ec-a4f7-29e48dc2497a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:46.000Z",
"modified": "2024-12-06T14:07:46.000Z",
"pattern": "[file:hashes.MD5 = 'd68fb3502e63ef3ca91c45f508d146b9' AND file:name = 'cache.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--42cf629d-ec56-4b7f-9b86-af9a5e6bf9ef",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:46.000Z",
"modified": "2024-12-06T14:07:46.000Z",
"pattern": "[file:hashes.MD5 = '91b7328a6064706fa9f125621a09f648' AND file:name = 'cache.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ab5ddabf-9104-45fe-9af1-5289c567cad9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:46.000Z",
"modified": "2024-12-06T14:07:46.000Z",
"pattern": "[file:hashes.MD5 = 'bfd61e5e133b2cd592d42ecdbc0eaee2' AND file:name = 'cache.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3debca60-913b-4ec6-ae1c-08b315622947",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:46.000Z",
"modified": "2024-12-06T14:07:46.000Z",
"pattern": "[file:hashes.MD5 = 'e5e709be4584031aefdc2a0782017f8f' AND file:name = 'cache.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c4f84bf7-0ac1-451c-85da-7f30dbba39ca",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:46.000Z",
"modified": "2024-12-06T14:07:46.000Z",
"pattern": "[file:hashes.MD5 = 'cf59916d271dce7f44bbf349464a31e2' AND file:name = 'cache.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c57dbb4a-1b29-4a06-9737-679ba39c8da4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:46.000Z",
"modified": "2024-12-06T14:07:46.000Z",
"pattern": "[file:hashes.MD5 = '5d18995193465c618844949f0ff9c786' AND file:name = 'cache.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--251703cd-6adf-442f-a972-fc7cab7e7a2a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:46.000Z",
"modified": "2024-12-06T14:07:46.000Z",
"pattern": "[file:hashes.MD5 = 'e213dc8060794bb97c5f94f563107e88' AND file:name = 'cache.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cee24d5d-3c31-46e8-8401-f3c5c29bcaa7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:46.000Z",
"modified": "2024-12-06T14:07:46.000Z",
"pattern": "[file:hashes.MD5 = 'd01e7c41140aeff82ad87a558ae96587' AND file:name = 'DS_Store.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b300bd39-54fd-40e8-a765-d0d174de50f5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:46.000Z",
"modified": "2024-12-06T14:07:46.000Z",
"pattern": "[file:hashes.MD5 = 'de3a0ff11c7645f5d0ac717b0eb98e52' AND file:name = 'cache.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--791ff9e5-5cd0-40ff-bf63-f2cd7383c7e3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:46.000Z",
"modified": "2024-12-06T14:07:46.000Z",
"pattern": "[file:hashes.MD5 = '98b85b474c02ce8c0a33ad7507abbf2a' AND file:name = 'subscription.db']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6598b9af-9628-4d46-9af6-d74d13a24a29",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:46.000Z",
"modified": "2024-12-06T14:07:46.000Z",
"pattern": "[file:hashes.MD5 = '5368f0b6ff56cce0de42165f14067427' AND file:name = '\u9644\u4ef62\uff1a\u300a\u4e2d\u56fd\u7535\u5de5\u6280\u672f\u5b66\u4f1a\u79d1\u5b66\u6280\u672f\u5956\u52b1\u529e\u6cd5\u300b\uff082024\u5e744\u6708\u4fee\u8ba2\uff09.pdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--885f8914-ea1b-426d-a5cc-b59ce4daaccc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:46.000Z",
"modified": "2024-12-06T14:07:46.000Z",
"pattern": "[file:hashes.MD5 = '22ce60653860fe33bdfc47ce60deb681' AND file:name = '\u2502\u0398\u2566\u00ab\u2568\u03b5\u2500\u2584\u2561\u03c4\u2552\u255b\u2569\u03a3\u2566\u00ab\u2556\u00f3\u2561\u03c4\u2567\u2561\u2550\u2502\u2556\u255c\u2591\u2555\u2554\u03a6\u255d\u255e\u2592\u255a\u2564\u00ed\u2564\u2568\u255b\u2510_\u2566\u256c\u256b\u2559\u255e\u00b5.pdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--931e198a-5701-4261-85d7-d23e86b68cd3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:47.000Z",
"modified": "2024-12-06T14:07:47.000Z",
"pattern": "[file:hashes.MD5 = 'b69c075caff565528bf42705d936a066' AND file:name = 'cache.db']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c2795f05-fdc7-481c-925f-a4094b816464",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:47.000Z",
"modified": "2024-12-06T14:07:47.000Z",
"pattern": "[file:hashes.MD5 = '477c5abea7299891b7f7c487f8636613' AND file:name = '\u2561\u03c4\u2559\u2591\u2568\u221a\u2524\u00bd\u2565\u00ac\u255f\u2264.pdf / \u7535\u5f71\u5ba3\u4f20\u8981\u6c42.pdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b58e6b1a-1b5c-4a39-97cc-0ace3d35f2be",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:47.000Z",
"modified": "2024-12-06T14:07:47.000Z",
"pattern": "[file:hashes.MD5 = '298a27e24e4ca917020fa5a230fe6c8f' AND file:name = 'subscription.db']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5ce04549-f9e0-4605-bf06-e5d204258935",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:47.000Z",
"modified": "2024-12-06T14:07:47.000Z",
"pattern": "[file:hashes.MD5 = '820485d456ce6bfab933a1b662ff590a' AND file:name = '\u8d3e\u54f2\u6587-\u4e91\u5357\u5927\u5b66-\u73af\u5883\u5de5\u7a0b.docx']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--20be285a-60a1-4fcb-903f-7160dfec3fe1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:47.000Z",
"modified": "2024-12-06T14:07:47.000Z",
"pattern": "[file:hashes.MD5 = '55467fcb1b51477104442e74d7baf3df' AND file:name = 'cache.db']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--34332abe-cdb8-4bdf-b5e3-cbd38418d176",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:47.000Z",
"modified": "2024-12-06T14:07:47.000Z",
"pattern": "[file:hashes.MD5 = 'ab1bc05e7f110042d7eacda5724918e0' AND file:name = 'cache.db']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fefb8618-bcfb-4d9f-9bca-b3a0392e5f72",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:47.000Z",
"modified": "2024-12-06T14:07:47.000Z",
"pattern": "[file:hashes.MD5 = '8423873a0eee6139c1eb6d5a9919121b' AND file:name = '\u4f01\u4e1a\u8d44\u8d28\u8bc1\u660e\uff08\u8bf7\u5148\u89e3\u5bc6\uff09.pptx']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a7e383cd-137a-4fde-9429-60ab14de88d8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:47.000Z",
"modified": "2024-12-06T14:07:47.000Z",
"pattern": "[file:hashes.MD5 = '6833e934c675717a0581472e00cb6d93' AND file:name = '12th_Edition_Of_Innovation_&_Excellence_IDEAS_2024.pdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7d348ed2-b306-48c9-bd9e-0ccee72c4058",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:47.000Z",
"modified": "2024-12-06T14:07:47.000Z",
"pattern": "[file:hashes.MD5 = '9294dd350f921745602f745e501e8e43' AND file:name = '\u9884\u52a0\u6cb9\u822a\u73ed\u7ba1\u7406\u65b9\u6cd5\u7814\u7a76\u4e0e\u8f6f\u4ef6\u5b9e\u73b0.pdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--be326a9c-bab9-4488-a10e-414e0a5b80bd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:47.000Z",
"modified": "2024-12-06T14:07:47.000Z",
"pattern": "[file:hashes.MD5 = '43bed053851e7a182b99835bcd1d2d16' AND file:name = '\u9700\u4f7f\u7528\u4e2d\u503a\u6570\u636e.jpg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2426dcaf-76a5-4d18-ac60-e350eb20444b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:47.000Z",
"modified": "2024-12-06T14:07:47.000Z",
"pattern": "[file:hashes.MD5 = '154bf965c1c8e54540179b2d01c4202e' AND file:name = '\u5218\u6f47-\u6e05\u534e\u5927\u5b66-\u8ba1\u7b97\u673a\u79d1\u5b66\u4e0e\u6280\u672f\u5b66\u9662-\u7855\u58eb.pdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--12c4070a-a0dc-48e6-85fe-3e5208ce19b2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:47.000Z",
"modified": "2024-12-06T14:07:47.000Z",
"pattern": "[file:hashes.MD5 = '1fbffdc19d3cfee158558e266206f46f' AND file:name = '\u674e\u65b0\u5b87-\u5317\u4eac\u5927\u5b66-2026\u6bd5\u4e1a-\u91d1\u878d\u7855\u58eb.pdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a56e2b4b-f664-45df-9915-aa3581583320",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:47.000Z",
"modified": "2024-12-06T14:07:47.000Z",
"pattern": "[file:hashes.MD5 = '8bdd5587b9863bdb154d9db85c67037b' AND file:name = '\u70ed\u6838\u805a\u53d8\u53d1\u7535\u5c9b\u4e09\u56de\u8def\u53c2\u6570\u4f18\u5316\u7814\u7a76.pdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--045cf4e4-d549-44cf-b3ed-fb557cc8a84a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:48.000Z",
"modified": "2024-12-06T14:07:48.000Z",
"pattern": "[file:hashes.MD5 = '05770b4da4f87150f2faf6c4e821f727' AND file:name = 'cache.db']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--deee69b9-46b4-4899-9d5b-77405b24b30c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:48.000Z",
"modified": "2024-12-06T14:07:48.000Z",
"pattern": "[file:hashes.MD5 = 'c5b2970e227e311abb5acf480bc48934' AND file:name = '\u5f02\u6784\u5e73\u53f0\u8981\u7d20\u534f\u540c\u7406\u8bba\u65b9\u6cd5\u7814\u7a76.pdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d2ce5d32-9b96-4a7d-9ea9-2b9d4007a403",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:48.000Z",
"modified": "2024-12-06T14:07:48.000Z",
"pattern": "[file:hashes.MD5 = 'edd1a870a0eea3bf9dcbd88ece487920' AND file:name = 'cache.db']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8725cfa5-8839-4e7a-96cf-ec97de6b8537",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:48.000Z",
"modified": "2024-12-06T14:07:48.000Z",
"pattern": "[file:hashes.MD5 = '1c2126ea78d3430ce04bf96b0d1c524e' AND file:name = 'JPCS-2021-A_novel_current_differential_protection_for_MMC-HV.pdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d080cbf2-9120-434e-aa70-de7049859d7c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:48.000Z",
"modified": "2024-12-06T14:07:48.000Z",
"pattern": "[file:hashes.MD5 = '13097891c790fbd3df75a2aebf993b16' AND file:name = '\u8bba\u6587\u53ca\u8363\u8a89\u8bc1\u4e66/\u7535\u529b\u7cfb\u7edf\u81ea\u52a8\u5316-2024-\u9006\u53d8\u578b\u65b0\u80fd\u6e90\u573a\u7ad9\u9001\u51fa\u7ebf\u65f6\u57df\u65b9\u5411\u5143\u4ef6.pdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--436ba524-f3bb-41a7-8bf9-791818ba0a7a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:48.000Z",
"modified": "2024-12-06T14:07:48.000Z",
"pattern": "[file:hashes.MD5 = '23bd40035a9a9fd1d31a1c7aceda1727' AND file:name = 'IET-2022-A simplified model of Type\u20104 wind turbine for short\u2010circuit currents simulation analysis.pdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a8faf64b-a929-4eb8-b8c0-5cbddb96cc3e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:48.000Z",
"modified": "2024-12-06T14:07:48.000Z",
"pattern": "[file:hashes.MD5 = '7763e73dd2e877c4770c0f10e4d3a1dd' AND file:name = '\u8bba\u6587\u53ca\u8363\u8a89\u8bc1\u4e66/\u6559\u80b2\u90e8\u5b66\u7c4d\u5728\u7ebf\u9a8c\u8bc1\u62a5\u544a-\u738b\u7389\u73ba.png']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4a3a1c1e-bfe7-4a62-83bd-f1c19abe315a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:48.000Z",
"modified": "2024-12-06T14:07:48.000Z",
"pattern": "[file:hashes.MD5 = '162a9b9aee469b8de10c37c6311906cd' AND file:name = 'Islamabad_Security_Dialogue_Pub.pdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2c188802-6059-4711-a9fb-21ab1377ee89",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:48.000Z",
"modified": "2024-12-06T14:07:48.000Z",
"pattern": "[file:hashes.MD5 = 'e8db7191c84a84717bffd0f1af9de36c' AND file:name = 'Final_Combined_Forecast_MCP_FY_2024_25.pdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--eb3b908d-cd68-4bdf-b435-67be29af55fc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:48.000Z",
"modified": "2024-12-06T14:07:48.000Z",
"pattern": "[file:hashes.MD5 = '91611a155d4722d178f7697cd4ddd95f' AND file:name = '\u82cd\u672f\u500d\u534a\u841c\u7c7b\u5316\u5408\u7269\u751f\u7269\u5408\u6210\u7684\u7814\u7a76\u8fdb\u5c55_\u51af\u94c3\u82b3.pdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aa29b3b3-ea61-4759-bb5d-42c3f4c7290b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:48.000Z",
"modified": "2024-12-06T14:07:48.000Z",
"pattern": "[file:hashes.MD5 = '75c1403abfbe9f5c92625a1baf8b22f5' AND file:name = 'subscription.db']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2b63e32e-928d-4f19-86e6-a6ec29cfbb5e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:48.000Z",
"modified": "2024-12-06T14:07:48.000Z",
"pattern": "[file:hashes.MD5 = 'd967a709472775c118ec339963c1d940' AND file:name = '\u4e2d\u503a\u6570\u636e\u65e0\u6cd5\u4f7f\u7528\u60c5\u51b5.jpg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a4c05655-2539-4a01-9aa5-237087d995a7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:48.000Z",
"modified": "2024-12-06T14:07:48.000Z",
"pattern": "[file:hashes.MD5 = '154141caa12b828ace18fd4b3fda77e0' AND file:name = '\u53c2\u7f16\u300a\u4eba\u5de5\u667a\u80fd\u901a\u7528\u5927\u6a21\u578b\u5408\u89c4\u7ba1\u7406\u4f53\u7cfb \u6307\u5357\u300b\u7533\u8bf7\u8868.pdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--aff2ea1d-8bb2-477a-85d2-356cfe4370a4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:48.000Z",
"modified": "2024-12-06T14:07:48.000Z",
"pattern": "[file:hashes.MD5 = 'c116a1971593a3a5468eb972b505fb57' AND file:name = 'cache.db']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1288977f-fcf2-4ea2-8088-c5f450531372",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:49.000Z",
"modified": "2024-12-06T14:07:49.000Z",
"pattern": "[file:hashes.MD5 = '63d4015195c5006d81e14a85aa2459c4' AND file:name = '\u8054\u7cfb\u65b9\u5f0f.txt']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--67f86d45-7614-40d3-b6a1-93a3394cc148",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:49.000Z",
"modified": "2024-12-06T14:07:49.000Z",
"pattern": "[file:hashes.MD5 = 'a3df3505d89c15bb3940062f7abd786b' AND file:name = '\u8054\u7cfb\u65b9\u5f0f.txt']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3e887d30-46fe-4c2b-907e-828353f9350e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:07:49.000Z",
"modified": "2024-12-06T14:07:49.000Z",
"pattern": "[file:hashes.MD5 = '041d01a5495cdede35f4ad8e1fe437f7' AND file:name = '\u6e05\u534e\u901a\u77e5.txt']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:07:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bd300599-e145-4439-8ece-310b8283035e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:43.000Z",
"modified": "2024-12-06T14:27:43.000Z",
"pattern": "[file:hashes.MD5 = 'd29980f768aafdcf102cf1b3741c8a2b' AND file:name = 'ImeBroker.exe' AND file:name = 'cache.bak']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--88d33961-7f09-4100-87f4-808c8c76c2e9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:43.000Z",
"modified": "2024-12-06T14:27:43.000Z",
"pattern": "[file:hashes.MD5 = '2acfad6fd814b02683038d21ba3eccbe' AND file:name = 'ImeBroker.exe' AND file:name = 'cache.bak']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--13ad0784-95a8-4e0c-a604-70d97ca8cee0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:43.000Z",
"modified": "2024-12-06T14:27:43.000Z",
"pattern": "[file:hashes.MD5 = '1aa1f12d26d3a34265d0b99705bdf283' AND file:name = 'DevicesFlow.EXE' AND file:name = 'DS_Store']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--569d3bd8-344c-4bf0-8f39-4787dd24cf97",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:43.000Z",
"modified": "2024-12-06T14:27:43.000Z",
"pattern": "[file:hashes.MD5 = 'e7550dd2db4dbe1a2cc1dadc47846cd0' AND file:name = 'ImeBroker.exe' AND file:name = 'cache.bak']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5dc38a70-db1f-49ab-b5fe-091379923b33",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:44.000Z",
"modified": "2024-12-06T14:27:44.000Z",
"pattern": "[file:hashes.MD5 = '1d109c8bb9e6ad16cd5f6813db39c21a' AND file:name = 'Microsoft IME' AND file:name = 'DS_Store']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--07e4abb3-f362-4673-9268-c61851f41ca5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:44.000Z",
"modified": "2024-12-06T14:27:44.000Z",
"pattern": "[file:hashes.MD5 = 'd8c348a2f27097d8689dba4452bb76eb' AND file:name = 'charmap.exe' AND file:name = 'DS_Store']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d83c8b76-e18f-4f29-a3aa-0618126c74fa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:44.000Z",
"modified": "2024-12-06T14:27:44.000Z",
"pattern": "[file:hashes.MD5 = '14df06539b72837adb9f8d13cfcea6db' AND file:name = 'CTTUNE.EXE' AND file:name = 'DS_Store']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--69d46884-b57a-4c88-9392-7498bdc46d57",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:44.000Z",
"modified": "2024-12-06T14:27:44.000Z",
"pattern": "[file:hashes.MD5 = '6388625810652f0767be13b43363c10d' AND file:name = 'ImeBroker.exe' AND file:name = 'cache.bak']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--82dc1d99-5639-46a2-8d7b-22c0b64effe3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:44.000Z",
"modified": "2024-12-06T14:27:44.000Z",
"pattern": "[file:hashes.MD5 = 'e8d3540212384d45ba9d7135c5bf8d8e' AND file:name = 'ImeBroker.exe' AND file:name = 'cache.bak']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7fad1736-be40-43a3-9a9b-0b3487a6f549",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:44.000Z",
"modified": "2024-12-06T14:27:44.000Z",
"pattern": "[file:hashes.MD5 = '352e299fc3f2327bfad5026b4a56b7cb' AND file:name = 'ImeBroker.exe' AND file:name = 'cache.bak']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--529c173e-f5d8-446c-ba21-1abcf035fc9b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:44.000Z",
"modified": "2024-12-06T14:27:44.000Z",
"pattern": "[file:hashes.MD5 = '73fa6149e68dd7842f7cfce78dd732c5' AND file:name = 'ImeBroker.exe' AND file:name = 'cache.bak' AND file:name = 'sigverif.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dab20e98-d053-4be6-9e9c-fd1eec71d382",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:44.000Z",
"modified": "2024-12-06T14:27:44.000Z",
"pattern": "[file:hashes.MD5 = '3813e4ebddd87615c1adc9c05888341d' AND file:name = '\u4f01\u4e1a\u8d44\u8d28\u6750\u6599/\u4f01\u4e1a\u7b7e\u540d\u89e3\u5bc6\u4e13\u7528\u89e3\u5bc6\u5de5\u5177.exe' AND file:name = 'D:\\\\MyPrograms\\\\vs2022\\\\vt01\\\\vt\\\\x64\\\\Release\\\\vt.pdb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--50bacb09-f6e1-4989-a58f-0f1023433c8b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:45.000Z",
"modified": "2024-12-06T14:27:45.000Z",
"pattern": "[file:hashes.MD5 = '316e8d798f7db625c207532e2f7a5d38' AND file:name = 'keycongif.exe' AND file:name = 'Anx']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f24c1665-0a3d-4257-a372-facb98ef1088",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:45.000Z",
"modified": "2024-12-06T14:27:45.000Z",
"pattern": "[file:hashes.MD5 = '5e7dba4aafb8176ab026e2f4aa3211dd' AND file:name = 'Adobbee.exe' AND file:name = 'cal']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f803fba2-e19f-4448-ad51-795177174136",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:45.000Z",
"modified": "2024-12-06T14:27:45.000Z",
"pattern": "[file:hashes.MD5 = '33b3e322679f1500a9f3c162e4b25040' AND file:name = 'ImeBroker.exe' AND file:name = 'cache.bak']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--241e7905-1688-4cce-a1e3-d30209a005ca",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:45.000Z",
"modified": "2024-12-06T14:27:45.000Z",
"pattern": "[file:hashes.MD5 = '2694553347f23e250ed70a8c23096d8f' AND file:name = 'BioEnrollmentHost.exe' AND file:name = 'DS_Store']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--60505607-04cd-4ac5-88c8-81d9f2d1d1c8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:45.000Z",
"modified": "2024-12-06T14:27:45.000Z",
"pattern": "[file:hashes.MD5 = '800be8a4989d4b7ed07ddd068c6469f1' AND file:name = 'DevicesFlow.EXE' AND file:name = 'DS_Store']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a615327a-db7b-4377-a479-ccfba9d47275",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:45.000Z",
"modified": "2024-12-06T14:27:45.000Z",
"pattern": "[file:hashes.MD5 = 'bfd6c2f0787865ecb1604439ea9a5f15' AND file:name = 'imecfmui.exe' AND file:name = 'cache.bak']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7c922262-6c07-4aee-9099-cd6805c868a6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:45.000Z",
"modified": "2024-12-06T14:27:45.000Z",
"pattern": "[file:hashes.MD5 = '49c5553995f032195890b5bfc2abcb00' AND file:name = 'ImeBroker.exe' AND file:name = 'cache.bak']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--843a1c5b-f572-48d5-94b9-456895527c6c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:45.000Z",
"modified": "2024-12-06T14:27:45.000Z",
"pattern": "[file:hashes.MD5 = 'ae9d676e4eda5cfa18a061e4bc2b1637' AND file:name = 'ImeBroker.exe' AND file:name = 'cache.bak']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3558d777-37cd-437c-8898-1b14a879a2af",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:46.000Z",
"modified": "2024-12-06T14:27:46.000Z",
"pattern": "[file:hashes.MD5 = '008255c14420420e9a53c9959d0d08b8' AND file:name = 'ImeBroker.exe' AND file:name = 'cache.bak']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2e07885b-e91f-4651-8881-eb1961d86c51",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:46.000Z",
"modified": "2024-12-06T14:27:46.000Z",
"pattern": "[file:hashes.MD5 = '49a9c56fab34795b7e6e4c0b6185ca3e' AND file:name = 'ImeBroker.exe' AND file:name = 'cache.bak']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b7ceacd3-df31-4497-bd91-49601b7ab85b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:46.000Z",
"modified": "2024-12-06T14:27:46.000Z",
"pattern": "[file:hashes.MD5 = 'd901fa81a4b3d83219440b80a1c338bc' AND file:name = 'ImeBroker.exe' AND file:name = 'cache.bak']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ae03cbff-9edc-482f-a36f-654e99f45e10",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:46.000Z",
"modified": "2024-12-06T14:27:46.000Z",
"pattern": "[file:hashes.MD5 = '88b8bbe04b53e4af857cd1c032968c94' AND file:name = 'ImeBroker.exe' AND file:name = 'cache.bak' AND file:name = 'sigverif.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--83e5df68-edbe-4016-8e96-6d407da7347e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2024-12-06T14:27:46.000Z",
"modified": "2024-12-06T14:27:46.000Z",
"pattern": "[file:hashes.MD5 = '1d065492e7b5d118e31e571cc53dfe65' AND file:name = 'ImeBroker.exe' AND file:name = 'cache.bak' AND file:name = 'sigverif.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2024-12-06T14:27:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--23e4907d-c02b-4ef5-9d46-03c563f5cf84",
"created": "2024-11-14T10:16:30.000Z",
"modified": "2024-11-14T10:16:30.000Z",
"relationship_type": "contains",
"source_ref": "observed-data--db522712-3c2a-40b3-82d6-0db626545d00",
"target_ref": "indicator--9b13a193-7889-4bb5-aca0-20b22cf2fe56"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--be84382f-71d8-4488-93df-dab5ec525dfd",
"created": "2024-11-14T10:16:51.000Z",
"modified": "2024-11-14T10:16:51.000Z",
"relationship_type": "executes",
"source_ref": "indicator--9b13a193-7889-4bb5-aca0-20b22cf2fe56",
"target_ref": "indicator--f1a2744e-8b4c-4042-8233-b570d63db61f"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--d6c6f344-7a42-451e-9441-7dd4ee1c004a",
"created": "2024-11-14T10:18:47.000Z",
"modified": "2024-11-14T10:18:47.000Z",
"relationship_type": "executes",
"source_ref": "indicator--f1a2744e-8b4c-4042-8233-b570d63db61f",
"target_ref": "indicator--41f9cff2-2458-44f7-b942-24ce9cccf81a"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--6e8cb0d9-17f1-43e7-9240-31f784f3f8a2",
"created": "2024-11-14T13:57:44.000Z",
"modified": "2024-11-14T13:57:44.000Z",
"relationship_type": "similar",
"source_ref": "indicator--21ec4541-8827-4d54-a23b-ee94b44c07a2",
"target_ref": "indicator--41f9cff2-2458-44f7-b942-24ce9cccf81a"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue View git blame Copy permalink