{
"contacts": [],
"countries": [],
"createdAt": "2021-01-15T16:53:20+03:00",
"cveList": [],
"dateFirstSeen": "2021-01-15",
"dateLastSeen": "2021-01-15",
"datePublished": "2021-01-15",
"description": "Description",
"displayOptions": {
"isFavourite": false,
"isHidden": false
},
"evaluation": {
"admiraltyCode": "B1",
"credibility": 100,
"reliability": 80,
"severity": "orange",
"tlp": "amber",
"ttl": null
},
"expertise": [],
"files": [
{
"hash": "612312f6cf9d2e6c978898117b7b5b85035b3d5e67c4ee266879868c9eb24dd3",
"mime": "image/png",
"name": "612312f6cf9d2e6c978898117b7b5b85035b3d5e67c4ee266879868c9eb24dd3",
"size": 209254
}
],
"forumsAccounts": [],
"id": "1b09d389d016121afbffe481a14b30ea995876e4",
"indicatorMalwareRelationships": [],
"indicatorRelationships": [
{
"sourceId": "9f3a2a244570a38e772a35d7c9171eed92bec6f7",
"targetId": "12cad1ca535a92a2ed306c0edf3025e7d9776693"
}
],
"indicatorToolRelationships": [],
"indicators": [
{
"description": null,
"id": "42a9929807fd954918f9bb603135754be7a6e99c",
"langs": [
"en"
],
"malwareList": [],
"params": {
"hashes": {
"md4": "",
"md5": "5d43baf1c9e9e3a939e5defd8f8fbd8d",
"md6": "",
"ripemd160": "",
"sha1": "d5ff73c043f3bb75dd749636307500b60a436550",
"sha224": "",
"sha256": "867c8b49d29ae1f6e4a7cd31b6fe7e278753a1ba03d4be338ed11fd1efc7dd36",
"sha384": "",
"sha512": "",
"whirlpool": ""
},
"name": "5d43baf1c9e9e3a939e5defd8f8fbd8d",
"size": null
},
"seqUpdate": 16107188498634,
"techSeqUpdate": null,
"title": null,
"type": "file"
},
{
"description": null,
"id": "12cad1ca535a92a2ed306c0edf3025e7d9776693",
"langs": [
"en"
],
"malwareList": [],
"params": {
"domain": "www.creaideck.com",
"ipv4": [],
"ipv6": [],
"ssl": [],
"url": "https://www.creaideck.com/update/darwin64.bin"
},
"seqUpdate": 16107188498908,
"techSeqUpdate": null,
"title": null,
"type": "network"
}
],
"indicatorsIds": [
"9f3a2a244570a38e772a35d7c9171eed92bec6f7",
"8b96c56cbc980c1e3362060ffa953e65281fb4df",
"42a9929807fd954918f9bb603135754be7a6e99c",
"12cad1ca535a92a2ed306c0edf3025e7d9776693"
],
"isTailored": false,
"labels": [],
"langs": [
"en",
"ru"
],
"malwareList": [],
"mitreMatrix": [
{
"attackPatternId": "attack-pattern--45242287-2964-4a3e-9373-159fad4d8195",
"attackTactic": "establish-&-maintain-infrastructure",
"attackType": "pre_attack_tactics",
"id": "PRE-T1105",
"params": {
"data": ""
}
},
{
"attackPatternId": "attack-pattern--0a5231ec-41af-4a35-83d0-6bdf11f28c65",
"attackTactic": "execution",
"attackType": "enterprise_tactics",
"id": null,
"params": {
"data": ""
}
},
{
"attackPatternId": "attack-pattern--62b8c999-dcc0-4755-bd69-09442d9359f5",
"attackTactic": "execution",
"attackType": "enterprise_tactics",
"id": null,
"params": {
"data": ""
}
},
{
"attackPatternId": "attack-pattern--9422fc14-1c43-410d-ab0f-a709b76c72dc",
"attackTactic": "persistence",
"attackType": "enterprise_tactics",
"id": null,
"params": {
"data": ""
}
},
{
"attackPatternId": "attack-pattern--57340c81-c025-4189-8fa0-fc7ede51bae4",
"attackTactic": "defense-evasion",
"attackType": "enterprise_tactics",
"id": null,
"params": {
"data": ""
}
},
{
"attackPatternId": "attack-pattern--62b8c999-dcc0-4755-bd69-09442d9359f5",
"attackTactic": "defense-evasion",
"attackType": "enterprise_tactics",
"id": null,
"params": {
"data": ""
}
},
{
"attackPatternId": "attack-pattern--c32f7008-9fea-41f7-8366-5eb9b74bd896",
"attackTactic": "discovery",
"attackType": "enterprise_tactics",
"id": null,
"params": {
"data": ""
}
},
{
"attackPatternId": "attack-pattern--354a7f88-63fb-41b5-a801-ce3b377b36f1",
"attackTactic": "discovery",
"attackType": "enterprise_tactics",
"id": null,
"params": {
"data": ""
}
},
{
"attackPatternId": "attack-pattern--f879d51c-5476-431c-aedf-f14d207e4d1e",
"attackTactic": "command-and-control",
"attackType": "enterprise_tactics",
"id": null,
"params": {
"data": ""
}
}
],
"oldId": "4c01c2d4-5ebb-44d8-9e91-be89231b0eb3",
"regions": [],
"relatedThreatActors": [],
"reportNumber": "CP-2501-1653",
"sectors": [
"financial-services",
"finance"
],
"seqUpdate": 16107218765545,
"shortDescription": null,
"shortTitle": null,
"sources": [],
"targetedCompany": [],
"targetedPartnersAndClients": [],
"techSeqUpdate": null,
"threatActor": {
"country": "KP",
"id": "5e9f20fdcf5876b5772b3d09b432f4080711ac5f",
"isAPT": true,
"name": "Lazarus"
},
"title": "Lazarus launches new attack with cryptocurrency trading platforms",
"toolList": [],
"type": "threat",
"updatedAt": "2021-01-15T16:53:20+03:00"
}