-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
7e1df00
commit ccf2347
Showing
7 changed files
with
7 additions
and
7 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
Large diffs are not rendered by default.
Oops, something went wrong.
Large diffs are not rendered by default.
Oops, something went wrong.
Large diffs are not rendered by default.
Oops, something went wrong.
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1 @@ | ||
| {"description": "IBM X-Force SHA256 Unknown", "schema_version": "1.0.23", "type": "investigation", "search-txt": "sha256:\"f7beb7acc7510ddf7d02ba5406527c4c37cdcee937bae50cc997b3557c5578c4\"", "source": "Test_company Company_test", "actions": "[{\"created-perf\":3003105000.000687,\"updated-perf\":3003110000.0005608,\"type\":\"collect\",\"created\":\"2021-02-03T09:46:38.065Z\",\"state\":\"ok\",\"arg\":\"f7beb7acc7510ddf7d02ba5406527c4c37cdcee937bae50cc997b3557c5578c4\",\"result\":[{\"value\":\"f7beb7acc7510ddf7d02ba5406527c4c37cdcee937bae50cc997b3557c5578c4\",\"type\":\"sha256\"}],\"id\":\"collect-f808b1c1\",\"uuid\":\"5738d40c-f711-4ce2-af2c-711de710371a\"},{\"created-perf\":7042065000.000548,\"updated-perf\":7042065000.000548,\"type\":\"investigate\",\"created\":\"2021-02-03T09:46:42.104Z\",\"state\":\"ok\",\"arg\":{\"type\":\"sha256\",\"value\":\"f7beb7acc7510ddf7d02ba5406527c4c37cdcee937bae50cc997b3557c5578c4\"},\"result\":{\"data\":[{\"module\":\"AMP File Reputation\",\"module_instance_id\":\"ddcf41a2-3ecb-43e8-b5b2-0e36ad2e16f3\",\"module_type_id\":\"1898d0e8-45f7-550d-8ab5-915f064426dd\",\"data\":{\"verdicts\":{\"count\":0,\"docs\":[]},\"judgements\":{\"count\":0,\"docs\":[]}}},{\"module\":\"SecurityTrails\",\"module_instance_id\":\"6e906027-29c3-44db-a2a2-af3abba0c269\",\"module_type_id\":\"80b90eb0-a856-4251-b857-ab9ebdf917ae\",\"data\":{}},{\"module\":\"IBM X-Force Exchange\",\"module_instance_id\":\"a5735994-e2ed-40d5-bb77-c381e270706a\",\"module_type_id\":\"a14ae422-01b6-5013-9876-695ff1b0ebe0\",\"data\":{\"indicators\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2023-07-19T09:46:39.000Z\",\"end_time\":\"2023-08-18T09:46:39.000Z\"},\"producer\":\"IBM X-Force\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"IBM X-Force Exchange\",\"external_ids\":[\"guid:6861e492801e939401389febcf4da062\"],\"title\":\"XorDDoS Analysis Report\",\"external_references\":[{\"source_name\":\"IBM X-Force Exchange\",\"url\":\"https://exchange.xforce.ibmcloud.com/collection/XorDDoS Analysis Report-guid:6861e492801e939401389febcf4da062\",\"external_id\":\"guid:6861e492801e939401389febcf4da062\"}],\"source_uri\":\"https://exchange.xforce.ibmcloud.com/collection/XorDDoS Analysis Report-guid:6861e492801e939401389febcf4da062\",\"id\":\"transient:indicator-2bb1dcad-1d5a-522b-985b-1808027a9c9c\",\"confidence\":\"High\"}]},\"relationships\":{\"count\":1,\"docs\":[{\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-2bb1dcad-1d5a-522b-985b-1808027a9c9c\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-e3a7e519-7d15-52c8-b353-c15766e9fd2f\",\"id\":\"transient:relationship-c7979bde-630f-4bff-a271-764c7e709183\",\"relationship_type\":\"member-of\"}]},\"sightings\":{\"count\":1,\"docs\":[{\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"f7beb7acc7510ddf7d02ba5406527c4c37cdcee937bae50cc997b3557c5578c4\",\"type\":\"sha256\"}],\"type\":\"sighting\",\"source\":\"IBM X-Force Exchange\",\"external_ids\":[\"guid:6861e492801e939401389febcf4da062\"],\"title\":\"Contained in Collection: XorDDoS Analysis Report\",\"internal\":false,\"external_references\":[{\"source_name\":\"IBM X-Force Exchange\",\"url\":\"https://exchange.xforce.ibmcloud.com/collection/XorDDoS Analysis Report-guid:6861e492801e939401389febcf4da062\",\"external_id\":\"guid:6861e492801e939401389febcf4da062\"}],\"source_uri\":\"https://exchange.xforce.ibmcloud.com/collection/XorDDoS Analysis Report-guid:6861e492801e939401389febcf4da062\",\"id\":\"transient:sighting-e3a7e519-7d15-52c8-b353-c15766e9fd2f\",\"count\":1,\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2023-02-16T08:21:09.000Z\",\"end_time\":\"2023-02-16T08:21:09.000Z\"}}]}}}],\"errors\":[{\"module_instance_id\":\"2ee56aba-c4f3-4863-8814-15e6712a9cf6\",\"module_type_id\":\"bb2689d9-c9f2-4d45-b5a3-7ed006a0709f\",\"code\":\"client-error\",\"message\":\"There was a client error in the module: {:message \\\"Forbidden\\\"} [403]\",\"type\":\"error\",\"module\":\"Palo Alto AutoFocus relay\"},{\"module_instance_id\":\"3e613872-8a0e-43cb-88b3-3acf41263dc6\",\"module_type_id\":\"2fdd8988-4b4c-4114-adf9-36dacce4c103\",\"code\":\"malformed-api-url\",\"message\":\"Malformed API URL /observe/observables\",\"type\":\"fatal\",\"module\":\"Tokio1\"},{\"module_instance_id\":\"4dc06f5c-a85d-4e79-9a72-d86901169b87\",\"module_type_id\":\"44606d8d-fc66-4ac7-815b-4448e096180f\",\"code\":\"invalid-json-response\",\"message\":\"The server response is not properly JSON encoded\",\"type\":\"fatal\",\"module\":\"Pulsedive\"}]},\"id\":\"investigate-c2c86434\",\"uuid\":\"1d183dc9-2b27-46c6-94ee-954f8ffc4144\"}]", "short_description": "Snapshot @ 20210203 09:48:36", "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-6b5d22dd-bf52-4866-9a07-442b4d03534e", "tlp": "amber", "groups": ["60c63e6e-a341-4990-8da8-9d432e8be7c0"], "timestamp": "2021-02-03T09:49:01.899Z", "owner": "d67071e5-7738-49a4-b315-4117b30a086b"} | ||
| {"description": "IBM X-Force SHA256 Unknown", "schema_version": "1.0.23", "type": "investigation", "search-txt": "sha256:\"f7beb7acc7510ddf7d02ba5406527c4c37cdcee937bae50cc997b3557c5578c4\"", "source": "Test_company Company_test", "actions": "[{\"created-perf\":3003105000.000687,\"updated-perf\":3003110000.0005608,\"type\":\"collect\",\"created\":\"2021-02-03T09:46:38.065Z\",\"state\":\"ok\",\"arg\":\"f7beb7acc7510ddf7d02ba5406527c4c37cdcee937bae50cc997b3557c5578c4\",\"result\":[{\"value\":\"f7beb7acc7510ddf7d02ba5406527c4c37cdcee937bae50cc997b3557c5578c4\",\"type\":\"sha256\"}],\"id\":\"collect-f808b1c1\",\"uuid\":\"5738d40c-f711-4ce2-af2c-711de710371a\"},{\"created-perf\":7042065000.000548,\"updated-perf\":7042065000.000548,\"type\":\"investigate\",\"created\":\"2021-02-03T09:46:42.104Z\",\"state\":\"ok\",\"arg\":{\"type\":\"sha256\",\"value\":\"f7beb7acc7510ddf7d02ba5406527c4c37cdcee937bae50cc997b3557c5578c4\"},\"result\":{\"data\":[{\"module\":\"AMP File Reputation\",\"module_instance_id\":\"ddcf41a2-3ecb-43e8-b5b2-0e36ad2e16f3\",\"module_type_id\":\"1898d0e8-45f7-550d-8ab5-915f064426dd\",\"data\":{\"verdicts\":{\"count\":0,\"docs\":[]},\"judgements\":{\"count\":0,\"docs\":[]}}},{\"module\":\"SecurityTrails\",\"module_instance_id\":\"6e906027-29c3-44db-a2a2-af3abba0c269\",\"module_type_id\":\"80b90eb0-a856-4251-b857-ab9ebdf917ae\",\"data\":{}},{\"module\":\"IBM X-Force Exchange\",\"module_instance_id\":\"a5735994-e2ed-40d5-bb77-c381e270706a\",\"module_type_id\":\"a14ae422-01b6-5013-9876-695ff1b0ebe0\",\"data\":{\"indicators\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2023-07-26T09:46:39.000Z\",\"end_time\":\"2023-08-25T09:46:39.000Z\"},\"producer\":\"IBM X-Force\",\"schema_version\":\"1.0.22\",\"type\":\"indicator\",\"source\":\"IBM X-Force Exchange\",\"external_ids\":[\"guid:6861e492801e939401389febcf4da062\"],\"title\":\"XorDDoS Analysis Report\",\"external_references\":[{\"source_name\":\"IBM X-Force Exchange\",\"url\":\"https://exchange.xforce.ibmcloud.com/collection/XorDDoS Analysis Report-guid:6861e492801e939401389febcf4da062\",\"external_id\":\"guid:6861e492801e939401389febcf4da062\"}],\"source_uri\":\"https://exchange.xforce.ibmcloud.com/collection/XorDDoS Analysis Report-guid:6861e492801e939401389febcf4da062\",\"id\":\"transient:indicator-2bb1dcad-1d5a-522b-985b-1808027a9c9c\",\"confidence\":\"High\"}]},\"relationships\":{\"count\":1,\"docs\":[{\"schema_version\":\"1.0.22\",\"target_ref\":\"transient:indicator-2bb1dcad-1d5a-522b-985b-1808027a9c9c\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-e3a7e519-7d15-52c8-b353-c15766e9fd2f\",\"id\":\"transient:relationship-c7979bde-630f-4bff-a271-764c7e709183\",\"relationship_type\":\"member-of\"}]},\"sightings\":{\"count\":1,\"docs\":[{\"schema_version\":\"1.0.22\",\"observables\":[{\"value\":\"f7beb7acc7510ddf7d02ba5406527c4c37cdcee937bae50cc997b3557c5578c4\",\"type\":\"sha256\"}],\"type\":\"sighting\",\"source\":\"IBM X-Force Exchange\",\"external_ids\":[\"guid:6861e492801e939401389febcf4da062\"],\"title\":\"Contained in Collection: XorDDoS Analysis Report\",\"internal\":false,\"external_references\":[{\"source_name\":\"IBM X-Force Exchange\",\"url\":\"https://exchange.xforce.ibmcloud.com/collection/XorDDoS Analysis Report-guid:6861e492801e939401389febcf4da062\",\"external_id\":\"guid:6861e492801e939401389febcf4da062\"}],\"source_uri\":\"https://exchange.xforce.ibmcloud.com/collection/XorDDoS Analysis Report-guid:6861e492801e939401389febcf4da062\",\"id\":\"transient:sighting-e3a7e519-7d15-52c8-b353-c15766e9fd2f\",\"count\":1,\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2023-02-23T08:21:09.000Z\",\"end_time\":\"2023-02-23T08:21:09.000Z\"}}]}}}],\"errors\":[{\"module_instance_id\":\"2ee56aba-c4f3-4863-8814-15e6712a9cf6\",\"module_type_id\":\"bb2689d9-c9f2-4d45-b5a3-7ed006a0709f\",\"code\":\"client-error\",\"message\":\"There was a client error in the module: {:message \\\"Forbidden\\\"} [403]\",\"type\":\"error\",\"module\":\"Palo Alto AutoFocus relay\"},{\"module_instance_id\":\"3e613872-8a0e-43cb-88b3-3acf41263dc6\",\"module_type_id\":\"2fdd8988-4b4c-4114-adf9-36dacce4c103\",\"code\":\"malformed-api-url\",\"message\":\"Malformed API URL /observe/observables\",\"type\":\"fatal\",\"module\":\"Tokio1\"},{\"module_instance_id\":\"4dc06f5c-a85d-4e79-9a72-d86901169b87\",\"module_type_id\":\"44606d8d-fc66-4ac7-815b-4448e096180f\",\"code\":\"invalid-json-response\",\"message\":\"The server response is not properly JSON encoded\",\"type\":\"fatal\",\"module\":\"Pulsedive\"}]},\"id\":\"investigate-c2c86434\",\"uuid\":\"1d183dc9-2b27-46c6-94ee-954f8ffc4144\"}]", "short_description": "Snapshot @ 20210203 09:48:36", "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-6b5d22dd-bf52-4866-9a07-442b4d03534e", "tlp": "amber", "groups": ["60c63e6e-a341-4990-8da8-9d432e8be7c0"], "timestamp": "2021-02-03T09:49:01.899Z", "owner": "d67071e5-7738-49a4-b315-4117b30a086b"} |
Large diffs are not rendered by default.
Oops, something went wrong.