{\n",
+ " "type": "indicator",\n",
+ " "id": "indicator--dbcbd659-c927-4f9a-994f-0a2632274394",\n",
+ " "created": "2017-09-26T23:33:39.829Z",\n",
+ " "modified": "2017-09-26T23:33:39.829Z",\n",
+ " "labels": [\n",
+ " "malicious-activity"\n",
+ " ],\n",
+ " "name": "File hash for malware variant",\n",
+ " "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+ " "valid_from": "2017-09-26T23:33:39.829952Z"\n",
+ "}\n",
+ "{\n",
+ " "type": "malware",\n",
+ " "id": "malware--d7fd675d-94eb-4d95-b0bc-b3c5e28e8ed2",\n",
+ " "created": "2017-09-26T23:33:56.908Z",\n",
+ " "modified": "2017-09-26T23:33:56.908Z",\n",
+ " "name": "Poison Ivy",\n",
+ " "labels": [\n",
+ " "remote-access-trojan"\n",
+ " ]\n",
+ "}\n",
+ "{\n",
+ " "type": "relationship",\n",
+ " "id": "relationship--637aa3b1-d4b8-4bc4-85e7-77cc82b198a3",\n",
+ " "created": "2017-09-26T23:34:01.765Z",\n",
+ " "modified": "2017-09-26T23:34:01.765Z",\n",
+ " "relationship_type": "indicates",\n",
+ " "source_ref": "indicator--dbcbd659-c927-4f9a-994f-0a2632274394",\n",
+ " "target_ref": "malware--d7fd675d-94eb-4d95-b0bc-b3c5e28e8ed2"\n",
+ "}\n",
+ "{\n",
+ " "type": "relationship",\n",
+ " "id": "relationship--70fe77c2-ab00-4181-a2dc-fe5567d971ca",\n",
+ " "created": "2017-09-26T23:34:03.923Z",\n",
+ " "modified": "2017-09-26T23:34:03.923Z",\n",
+ " "relationship_type": "indicates",\n",
+ " "source_ref": "indicator--dbcbd659-c927-4f9a-994f-0a2632274394",\n",
+ " "target_ref": "malware--d7fd675d-94eb-4d95-b0bc-b3c5e28e8ed2"\n",
+ "}\n",
+ "{\n",
+ " "type": "bundle",\n",
+ " "id": "bundle--2536c43d-c874-418e-886c-20a22120d8cb",\n",
+ " "spec_version": "2.0",\n",
+ " "objects": [\n",
+ " {\n",
+ " "type": "indicator",\n",
+ " "id": "indicator--dbcbd659-c927-4f9a-994f-0a2632274394",\n",
+ " "created": "2017-09-26T23:33:39.829Z",\n",
+ " "modified": "2017-09-26T23:33:39.829Z",\n",
+ " "labels": [\n",
+ " "malicious-activity"\n",
+ " ],\n",
+ " "name": "File hash for malware variant",\n",
+ " "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+ " "valid_from": "2017-09-26T23:33:39.829952Z"\n",
+ " },\n",
+ " {\n",
+ " "type": "malware",\n",
+ " "id": "malware--d7fd675d-94eb-4d95-b0bc-b3c5e28e8ed2",\n",
+ " "created": "2017-09-26T23:33:56.908Z",\n",
+ " "modified": "2017-09-26T23:33:56.908Z",\n",
+ " "name": "Poison Ivy",\n",
+ " "labels": [\n",
+ " "remote-access-trojan"\n",
+ " ]\n",
+ " },\n",
+ " {\n",
+ " "type": "relationship",\n",
+ " "id": "relationship--637aa3b1-d4b8-4bc4-85e7-77cc82b198a3",\n",
+ " "created": "2017-09-26T23:34:01.765Z",\n",
+ " "modified": "2017-09-26T23:34:01.765Z",\n",
+ " "relationship_type": "indicates",\n",
+ " "source_ref": "indicator--dbcbd659-c927-4f9a-994f-0a2632274394",\n",
+ " "target_ref": "malware--d7fd675d-94eb-4d95-b0bc-b3c5e28e8ed2"\n",
+ " }\n",
+ " ]\n",
+ "}\n",
+ "{\n",
+ " "x_foo": "bar",\n",
+ " "type": "identity",\n",
+ " "id": "identity--8d7f0697-e589-4e3b-aa57-cae798d2d138",\n",
+ " "created": "2017-09-26T21:02:19.465Z",\n",
+ " "modified": "2017-09-26T21:02:19.465Z",\n",
+ " "name": "John Smith",\n",
+ " "identity_class": "individual"\n",
+ "}\n",
+ "{\n",
+ " "x_foo": "bar",\n",
+ " "type": "identity",\n",
+ " "id": "identity--1e8188eb-245f-400b-839d-7f612169c514",\n",
+ " "created": "2017-09-26T21:02:22.708Z",\n",
+ " "modified": "2017-09-26T21:02:22.708Z",\n",
+ " "name": "John Smith",\n",
+ " "identity_class": "individual"\n",
+ "}\n",
+ "{\n",
+ " "type": "x-animal",\n",
+ " "id": "x-animal--caebdf17-9d2a-4c84-8864-7406326618f0",\n",
+ " "created": "2017-09-26T21:02:34.724Z",\n",
+ " "modified": "2017-09-26T21:02:34.724Z",\n",
+ " "species": "lion",\n",
+ " "animal_class": "mammal"\n",
+ "}\n",
+ "{\n",
+ " "type": "x-new-observable",\n",
+ " "a_property": "something",\n",
+ " "property_2": 10\n",
+ "}\n",
+ "{\n",
+ " "property1": "something",\n",
+ " "property2": 10\n",
+ "}\n",
+ "{\n",
+ " "type": "indicator",\n",
+ " "id": "indicator--cc2faac7-3c29-4912-bfff-d87935791d17",\n",
+ " "created_by_ref": "identity--311b2d2d-f010-5473-83ec-1edf84858f4c",\n",
+ " "created": "2017-09-26T23:35:34.669Z",\n",
+ " "modified": "2017-09-26T23:35:34.669Z",\n",
+ " "labels": [\n",
+ " "malicious-activity"\n",
+ " ],\n",
+ " "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+ " "valid_from": "2017-09-26T23:35:34.669764Z"\n",
+ "}\n",
+ "{\n",
+ " "type": "indicator",\n",
+ " "id": "indicator--fc423952-2088-4182-a5da-65bcc989c0cc",\n",
+ " "created": "2017-09-25T18:07:46.255Z",\n",
+ " "modified": "2017-09-25T18:07:46.255Z",\n",
+ " "labels": [\n",
+ " "malicious-activity"\n",
+ " ],\n",
+ " "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+ " "valid_from": "2017-09-26T23:35:37.083918Z"\n",
+ "}\n",
+ "{\n",
+ " "type": "indicator",\n",
+ " "id": "indicator--4850716c-7ff2-4f01-9bef-72c873f8bd29",\n",
+ " "created_by_ref": "identity--962cabe5-f7f3-438a-9169-585a8c971d12",\n",
+ " "created": "2017-09-25T18:07:46.255Z",\n",
+ " "modified": "2017-09-25T18:07:46.255Z",\n",
+ " "labels": [\n",
+ " "malicious-activity"\n",
+ " ],\n",
+ " "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+ " "valid_from": "2017-09-26T23:35:39.049647Z"\n",
+ "}\n",
+ "{\n",
+ " "type": "indicator",\n",
+ " "id": "indicator--aa0a1159-32b8-44d7-ba58-574ab6b9c9af",\n",
+ " "created": "2017-09-26T23:38:12.161Z",\n",
+ " "modified": "2017-09-26T23:38:12.161Z",\n",
+ " "labels": [\n",
+ " "malicious-activity"\n",
+ " ],\n",
+ " "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+ " "valid_from": "2017-09-26T23:38:12.161492Z",\n",
+ " "object_marking_refs": [\n",
+ " "marking-definition--f88d31f6-486f-44da-b317-01333bde0b82"\n",
+ " ]\n",
+ "}\n",
+ "{\n",
+ " "type": "marking-definition",\n",
+ " "id": "marking-definition--b039cd22-b453-40c7-b9d8-20f8ae1ba29b",\n",
+ " "created": "2017-09-26T23:38:13.988639Z",\n",
+ " "definition_type": "statement",\n",
+ " "definition": {\n",
+ " "statement": "Copyright 2017, Example Corp"\n",
+ " }\n",
+ "}\n",
+ "{\n",
+ " "type": "indicator",\n",
+ " "id": "indicator--79913250-0e10-45d2-925d-53ee3747eac5",\n",
+ " "created": "2017-09-26T23:38:15.669Z",\n",
+ " "modified": "2017-09-26T23:38:15.669Z",\n",
+ " "labels": [\n",
+ " "malicious-activity"\n",
+ " ],\n",
+ " "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+ " "valid_from": "2017-09-26T23:38:15.669626Z",\n",
+ " "object_marking_refs": [\n",
+ " "marking-definition--b039cd22-b453-40c7-b9d8-20f8ae1ba29b"\n",
+ " ]\n",
+ "}\n",
+ "{\n",
+ " "type": "indicator",\n",
+ " "id": "indicator--f96f6de3-184d-4d18-85cd-c1517265b775",\n",
+ " "created": "2017-09-26T23:38:17.187Z",\n",
+ " "modified": "2017-09-26T23:38:17.187Z",\n",
+ " "labels": [\n",
+ " "malicious-activity"\n",
+ " ],\n",
+ " "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+ " "valid_from": "2017-09-26T23:38:17.18725Z",\n",
+ " "object_marking_refs": [\n",
+ " "marking-definition--f88d31f6-486f-44da-b317-01333bde0b82"\n",
+ " ]\n",
+ "}\n",
+ "{\n",
+ " "type": "malware",\n",
+ " "id": "malware--1c57d899-1255-4f08-b084-289296b3aa0d",\n",
+ " "created": "2017-09-26T23:38:18.729Z",\n",
+ " "modified": "2017-09-26T23:38:18.729Z",\n",
+ " "name": "Poison Ivy",\n",
+ " "description": "A ransomware related to ...",\n",
+ " "labels": [\n",
+ " "remote-access-trojan"\n",
+ " ],\n",
+ " "granular_markings": [\n",
+ " {\n",
+ " "marking_ref": "marking-definition--b039cd22-b453-40c7-b9d8-20f8ae1ba29b",\n",
+ " "selectors": [\n",
+ " "description"\n",
+ " ]\n",
+ " },\n",
+ " {\n",
+ " "marking_ref": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",\n",
+ " "selectors": [\n",
+ " "name"\n",
+ " ]\n",
+ " }\n",
+ " ]\n",
+ "}\n",
+ "{\n",
+ " "type": "indicator",\n",
+ " "id": "indicator--aa0a1159-32b8-44d7-ba58-574ab6b9c9af",\n",
+ " "created": "2017-09-26T23:38:12.161Z",\n",
+ " "modified": "2017-09-26T23:38:22.548Z",\n",
+ " "labels": [\n",
+ " "malicious-activity"\n",
+ " ],\n",
+ " "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+ " "valid_from": "2017-09-26T23:38:12.161492Z",\n",
+ " "object_marking_refs": [\n",
+ " "marking-definition--b039cd22-b453-40c7-b9d8-20f8ae1ba29b",\n",
+ " "marking-definition--f88d31f6-486f-44da-b317-01333bde0b82"\n",
+ " ]\n",
+ "}\n",
+ "{\n",
+ " "type": "indicator",\n",
+ " "id": "indicator--aa0a1159-32b8-44d7-ba58-574ab6b9c9af",\n",
+ " "created": "2017-09-26T23:38:12.161Z",\n",
+ " "modified": "2017-09-26T23:38:24.574Z",\n",
+ " "labels": [\n",
+ " "malicious-activity"\n",
+ " ],\n",
+ " "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+ " "valid_from": "2017-09-26T23:38:12.161492Z",\n",
+ " "object_marking_refs": [\n",
+ " "marking-definition--f88d31f6-486f-44da-b317-01333bde0b82"\n",
+ " ]\n",
+ "}\n",
+ "{\n",
+ " "type": "indicator",\n",
+ " "id": "indicator--aa0a1159-32b8-44d7-ba58-574ab6b9c9af",\n",
+ " "created": "2017-09-26T23:38:12.161Z",\n",
+ " "modified": "2017-09-26T23:38:26.215Z",\n",
+ " "labels": [\n",
+ " "malicious-activity"\n",
+ " ],\n",
+ " "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+ " "valid_from": "2017-09-26T23:38:12.161492Z",\n",
+ " "object_marking_refs": [\n",
+ " "marking-definition--b039cd22-b453-40c7-b9d8-20f8ae1ba29b",\n",
+ " "marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da"\n",
+ " ]\n",
+ "}\n",
+ "{\n",
+ " "type": "indicator",\n",
+ " "id": "indicator--aa0a1159-32b8-44d7-ba58-574ab6b9c9af",\n",
+ " "created": "2017-09-26T23:38:12.161Z",\n",
+ " "modified": "2017-09-26T23:38:27.900Z",\n",
+ " "labels": [\n",
+ " "malicious-activity"\n",
+ " ],\n",
+ " "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+ " "valid_from": "2017-09-26T23:38:12.161492Z"\n",
+ "}\n",
+ "{\n",
+ " "type": "indicator",\n",
+ " "id": "indicator--81b0644d-5e9d-48fb-bb83-aabe77918305",\n",
+ " "created": "2017-09-26T23:38:55.476Z",\n",
+ " "modified": "2017-09-26T23:38:55.476Z",\n",
+ " "labels": [\n",
+ " "malicious-activity"\n",
+ " ],\n",
+ " "name": "File hash for malware variant",\n",
+ " "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+ " "valid_from": "2017-09-26T23:38:55.476436Z"\n",
+ "}\n",
+ "{\n",
+ " "type": "indicator",\n",
+ " "id": "indicator--92bb1ae4-db9c-4d6e-8ded-ef7280b4439a",\n",
+ " "created": "2016-01-01T08:00:00.000Z",\n",
+ " "modified": "2017-09-26T23:39:07.149Z",\n",
+ " "labels": [\n",
+ " "malicious-activity"\n",
+ " ],\n",
+ " "name": "File hash for Foobar malware",\n",
+ " "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+ " "valid_from": "2017-09-26T23:39:07.132129Z"\n",
+ "}\n",
+ "{\n",
+ " "type": "indicator",\n",
+ " "id": "indicator--92bb1ae4-db9c-4d6e-8ded-ef7280b4439a",\n",
+ " "created": "2016-01-01T08:00:00.000Z",\n",
+ " "modified": "2017-09-26T23:39:09.463Z",\n",
+ " "labels": [\n",
+ " "malicious-activity"\n",
+ " ],\n",
+ " "name": "File hash for Foobar malware",\n",
+ " "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+ " "valid_from": "2017-09-26T23:39:07.132129Z",\n",
+ " "revoked": true\n",
+ "}\n",
+ "