{ "type": "bundle", "id": "bundle--f859456f-97bd-466f-ac23-09ed131c0dce", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--d6060d27-a078-4b68-808e-0f825436ce05", "created": "2025-02-20T01:00:01.713031Z", "modified": "2025-02-20T01:01:57.020342Z", "name": "ENKI", "identity_class": "organization" }, { "type": "file", "spec_version": "2.1", "id": "file--9d00a794-91f7-4e2b-986a-29a813acd991", "hashes": { "SHA-256": "8b6d6807213c21c84192cc697d96396eced341f342161045df990830d371b70c" } }, { "type": "file", "spec_version": "2.1", "id": "file--039f9cf8-cf67-4029-a840-3e42b1afcf91", "hashes": { "SHA-256": "5527f0acb4755e4402434f84c0aac602260e0736f7fdb62cdc329955d47ffe3b" } }, { "type": "file", "spec_version": "2.1", "id": "file--81a67a4a-9e2f-47a0-8496-a1c6937dbc05", "hashes": { "SHA-256": "13412b54e3e8f30d3179e54cc653dc651e8cbe43d625c96451942910c91e76b9" } }, { "type": "file", "spec_version": "2.1", "id": "file--342153a6-1331-4256-90fd-25f4560feb9a", "hashes": { "SHA-256": "52046ad374041f0cabc47e897e10de86b64997ed6da8123d067dac7ead5343b7" } }, { "type": "file", "spec_version": "2.1", "id": "file--19640f87-b0b5-496f-8a51-0442ac228a24", "hashes": { "SHA-256": "7790c55c5dded39c0a6a0eabf05665ce96762047db20ae8e472715461080237d" } }, { "type": "file", "spec_version": "2.1", "id": "file--95b0bcf0-8d01-424b-a2b1-ff1163fb051e", "hashes": { "SHA-256": "6ac3bd5e67f5ba1f8effbb53d25078e11ba3dd3d3d5046f5409d653c73db5d59" } }, { "type": "url", "spec_version": "2.1", "id": "url--7fa17123-b0f8-46b7-abfd-3714aa00e74f", "value": "https://files.catbox.moe/mur3el.png" }, { "type": "url", "spec_version": "2.1", "id": "url--3ef0c66d-8ad4-4249-b8ae-947584fa01c1", "value": "https://app.mercuryswap.io" }, { "type": "url", "spec_version": "2.1", "id": "url--069c5e01-0fa5-4bc3-b10c-9a789a139ec4", "value": "https://files.catbox.moe/zxmneq.png" }, { "type": "url", "spec_version": "2.1", "id": "url--584da34c-5557-458f-8022-29333106452f", "value": "https://www.dropbox.com/scl/fi/edq1ecio6zr2ophnnv3l7/89373.png?rlkey=whwftc8qf452xku7c8ya3cd5o&st=bcmppt7i&dl=0" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--51fb2a75-da3e-4c00-8ac1-462c1ef13804", "value": "app.mercuryswap.io" }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--8b7f6b2f-e3b8-4e88-9a61-9fa1f2783edc", "value": "166.88.117.246" }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--562afe01-2d3d-42a8-bce2-9a2640421483", "value": "166.88.90.143" }, { "type": "report", "spec_version": "2.1", "id": "report--39ea643c-a3c3-4c25-afd6-e71a08280bfe", "created_by_ref": "identity--d6060d27-a078-4b68-808e-0f825436ce05", "created": "2026-06-24T19:47:48.98272Z", "modified": "2026-06-24T19:47:48.98272Z", "name": "An attacker, disguised as a job seeker, distributing malware on GitHub", "published": "2025-06-03T00:00:00Z", "object_refs": [ "identity--d6060d27-a078-4b68-808e-0f825436ce05", "file--9d00a794-91f7-4e2b-986a-29a813acd991", "file--039f9cf8-cf67-4029-a840-3e42b1afcf91", "file--81a67a4a-9e2f-47a0-8496-a1c6937dbc05", "file--342153a6-1331-4256-90fd-25f4560feb9a", "file--19640f87-b0b5-496f-8a51-0442ac228a24", "file--95b0bcf0-8d01-424b-a2b1-ff1163fb051e", "url--7fa17123-b0f8-46b7-abfd-3714aa00e74f", "url--3ef0c66d-8ad4-4249-b8ae-947584fa01c1", "url--069c5e01-0fa5-4bc3-b10c-9a789a139ec4", "url--584da34c-5557-458f-8022-29333106452f", "domain-name--51fb2a75-da3e-4c00-8ac1-462c1ef13804", "ipv4-addr--8b7f6b2f-e3b8-4e88-9a61-9fa1f2783edc", "ipv4-addr--562afe01-2d3d-42a8-bce2-9a2640421483" ], "external_references": [ { "source_name": "source", "url": "https://www.enki.co.kr/en/media-center/tech-blog/an-attacker-disguised-as-a-job-seeker-distributing-malware-on-github" } ] } ] }