{
    "type": "bundle",
    "id": "bundle--8fa9fff5-c888-49a8-9ed6-b8aca6b5927c",
    "objects": [
        {
            "type": "identity",
            "spec_version": "2.1",
            "id": "identity--8a0b93da-a9d1-41b5-8d1b-7e8a105945fc",
            "created": "2023-03-08T14:44:38.241293Z",
            "modified": "2023-03-08T14:44:38.241418Z",
            "name": "S2W",
            "identity_class": "organization"
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--00a518ef-3f7c-41bc-928b-c2daf5a88f7f",
            "hashes": {
                "MD5": "b3a8c88297daecdb9b0ac54a3c107797"
            }
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--fda7d6cd-0db3-4c48-9c83-4640074162a8",
            "hashes": {
                "SHA-256": "a881c9f40c1a5be3919cafb2ebe2bb5b19e29f0f7b28186ee1f4b554d692e776"
            }
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--46820103-7f39-4399-8ae0-91b6e37daf3f",
            "hashes": {
                "SHA-256": "61367c3a1d4c9ccaee568157bc4cf2feb997161ed3395878a448d8a2bf67dfa9"
            }
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--f24fd8e8-6a44-490e-8696-e9c4b37d4dd1",
            "hashes": {
                "MD5": "98151ba9f3e0a55bba16c58428b3a178"
            }
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--b487c46b-a9a5-469b-9044-8b47f3b2858e",
            "hashes": {
                "SHA-1": "46660f562fe01b5df0e1ac03dd44b4cc8d2fa5f5"
            }
        },
        {
            "type": "threat-actor",
            "spec_version": "2.1",
            "id": "threat-actor--af08d5c9-f507-5ed5-9986-7ffea3df195b",
            "created": "2026-06-24T21:04:01.784541Z",
            "modified": "2026-06-24T21:04:01.784541Z",
            "name": "Lazarus"
        },
        {
            "type": "report",
            "spec_version": "2.1",
            "id": "report--3a1012c7-ea4e-4db4-aea3-7c25af61bb8a",
            "created_by_ref": "identity--8a0b93da-a9d1-41b5-8d1b-7e8a105945fc",
            "created": "2026-06-24T21:04:01.785613Z",
            "modified": "2026-06-24T21:04:01.785613Z",
            "name": "Analysis of Lazarus malware abusing Non-ActiveX Module in South Korea",
            "published": "2021-07-08T00:00:00Z",
            "object_refs": [
                "identity--8a0b93da-a9d1-41b5-8d1b-7e8a105945fc",
                "file--00a518ef-3f7c-41bc-928b-c2daf5a88f7f",
                "file--fda7d6cd-0db3-4c48-9c83-4640074162a8",
                "file--46820103-7f39-4399-8ae0-91b6e37daf3f",
                "file--f24fd8e8-6a44-490e-8696-e9c4b37d4dd1",
                "file--b487c46b-a9a5-469b-9044-8b47f3b2858e",
                "threat-actor--af08d5c9-f507-5ed5-9986-7ffea3df195b"
            ],
            "external_references": [
                {
                    "source_name": "source",
                    "url": "https://medium.com/s2wlab/analysis-of-lazarus-malware-abusing-non-activex-module-in-south-korea-7d52b9539c12"
                }
            ]
        }
    ]
}