Examples/AttackPattern.json
|
{
"sourcesystem": "TestStixObjects", "stixobjects": [ { "type": "attack-pattern", "spec_version": "2.1", "id": "attack-pattern--fb6aa549-c94a-4e45-b4fd-7e32602dad85", "created": "2015-05-15T09:12:16.432Z", "modified": "2015-05-20T09:12:16.432Z", "created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff", "revoked": false, "labels": [ "heartbleed", "has-logo" ], "confidence": 55, "lang": "en", "object_marking_refs": [ "marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da" ], "granular_markings": [ { "marking_ref": "marking-definition--089a6ecb-cc15-43cc-9494-767639779123", "selectors": [ "description", "labels" ], "lang": "en" } ], "extensions": { "extension-definition--d83fce45-ef58-4c6c-a3f4-1fbc32e98c6e": { "extension_type": "property-extension", "rank": 5, "toxicity": 8 } }, "external_references": [ { "source_name": "capec", "description": "spear phishing", "external_id": "CAPEC-163" } ], "name": "Attack Pattern 2.1", "description": "menuPass appears to favor spear phishing to deliver payloads to the intended targets. While the attackers behind menuPass have used other RATs in their campaign, it appears that they use PIVY as their primary persistence mechanism.", "kill_chain_phases": [ { "kill_chain_name": "mandiant-attack-lifecycle-model", "phase_name": "initial-compromise" } ], "aliases": [ "alias_1", "alias_2" ] } ] } |