{
    "type": "bundle",
    "id": "bundle--844b8db7-be0e-4440-ae67-a2263953e757",
    "objects": [
        {
            "type": "identity",
            "spec_version": "2.1",
            "id": "identity--bc9bd0db-10a8-47da-933b-00a81abd9f46",
            "created": "2025-02-06T00:27:11.249603Z",
            "modified": "2025-02-06T00:29:29.818666Z",
            "name": "CybersecSentinel",
            "identity_class": "organization"
        },
        {
            "type": "domain-name",
            "spec_version": "2.1",
            "id": "domain-name--9915c9bf-525f-4f00-a266-524e57912f79",
            "value": "sfrclak.com"
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--e1c69ddd-9282-4fea-8b19-56289e7e718e",
            "hashes": {
                "SHA-256": "e10b1fa84f1d6481625f741b69892780140d4e0e7769e7491e5f4d894c2e0e09"
            }
        },
        {
            "type": "domain-name",
            "spec_version": "2.1",
            "id": "domain-name--dbe55bfd-6d10-407e-969a-53d22426522e",
            "value": "callnrwise.com"
        },
        {
            "type": "url",
            "spec_version": "2.1",
            "id": "url--15d803c1-f248-4623-af7b-f379f2a36962",
            "value": "http://sfrclak.com:8000/6202033"
        },
        {
            "type": "ipv4-addr",
            "spec_version": "2.1",
            "id": "ipv4-addr--794180bf-52c3-45df-bf94-6810144b7a2f",
            "value": "142.11.206.73"
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--6737405d-c322-4e76-ae32-fe116853ac3e",
            "hashes": {
                "SHA-1": "d6f3f62fd3b9f5432f5782b62d8cfd5247d5ee71"
            }
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--c163df48-c7da-4467-938a-996dfe8d0f46",
            "hashes": {
                "SHA-1": "07d889e2dadce6f3910dcbc253317d28ca61c766"
            }
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--1225edee-ec42-4994-9b85-579dee2163f9",
            "hashes": {
                "SHA-1": "2553649f2322049666871cea80a5d0d6adc700ca"
            }
        },
        {
            "type": "threat-actor",
            "spec_version": "2.1",
            "id": "threat-actor--b1fc54ae-4fb3-5833-9e0f-4873d16620f8",
            "created": "2026-06-24T18:11:51.040212Z",
            "modified": "2026-06-24T18:11:51.040212Z",
            "name": "UNC1069"
        },
        {
            "type": "report",
            "spec_version": "2.1",
            "id": "report--9919bad2-bafc-4665-ad55-d35a7a4c1b2d",
            "created_by_ref": "identity--bc9bd0db-10a8-47da-933b-00a81abd9f46",
            "created": "2026-06-24T18:11:51.053477Z",
            "modified": "2026-06-24T18:11:51.053477Z",
            "name": "Axios npm Backdoored: UNC1069 Deploys Cross-Platform RAT via Supply Chain Attack",
            "published": "2026-04-01T00:00:00Z",
            "object_refs": [
                "identity--bc9bd0db-10a8-47da-933b-00a81abd9f46",
                "domain-name--9915c9bf-525f-4f00-a266-524e57912f79",
                "file--e1c69ddd-9282-4fea-8b19-56289e7e718e",
                "domain-name--dbe55bfd-6d10-407e-969a-53d22426522e",
                "url--15d803c1-f248-4623-af7b-f379f2a36962",
                "ipv4-addr--794180bf-52c3-45df-bf94-6810144b7a2f",
                "file--6737405d-c322-4e76-ae32-fe116853ac3e",
                "file--c163df48-c7da-4467-938a-996dfe8d0f46",
                "file--1225edee-ec42-4994-9b85-579dee2163f9",
                "threat-actor--b1fc54ae-4fb3-5833-9e0f-4873d16620f8"
            ],
            "external_references": [
                {
                    "source_name": "source",
                    "url": "https://cybersecsentinel.com/axios-npm-backdoored-unc1069-deploys-cross-platform-rat-via-supply-chain-attack/"
                }
            ]
        }
    ]
}