{ "type": "bundle", "id": "bundle--ebb110b2-89e2-4566-8632-58cd350b45aa", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--5ace95f0-bd6c-4fee-a494-ca40e791918d", "created": "2023-03-08T12:51:44.544245Z", "modified": "2024-09-09T23:28:33.92829Z", "name": "PaloaltoNetworks", "identity_class": "organization" }, { "type": "file", "spec_version": "2.1", "id": "file--c4d32de7-281e-4379-a2ff-c893b35da396", "hashes": { "SHA-256": "4b3416fb6d1ed1f762772b4dd4f4f652e63ba41f7809b25c5fa0ee9010f7dae7" } }, { "type": "file", "spec_version": "2.1", "id": "file--ecf7fe35-dde4-474c-8a84-35a0e7c4d4fb", "hashes": { "SHA-256": "bd6efb16527b025a5fd256bb357a91b4ff92aff599105252e50b87f1335db9e1" } }, { "type": "file", "spec_version": "2.1", "id": "file--bb3a8907-01b2-44fb-a860-d894d44b5ebe", "hashes": { "MD5": "d742aa65c4880f85ae43feebb0781b67" } }, { "type": "file", "spec_version": "2.1", "id": "file--f3f6f1d2-1e3c-44b9-9a78-e765ab228ebd", "hashes": { "SHA-256": "d50a0980da6297b8e4cec5db0a8773635cee74ac6f5c1ff18197dfba549f6712" } }, { "type": "file", "spec_version": "2.1", "id": "file--dffbe42a-fc69-4a84-938c-651401ed6f8d", "hashes": { "SHA-256": "33ce9bcaeb0733a77ff0d85263ce03502ac20873bf58a118d1810861caced254" } }, { "type": "file", "spec_version": "2.1", "id": "file--276efb68-5758-4aaa-ace7-4bb74577d493", "hashes": { "SHA-256": "75917cc1bd9ecd7ef57b7ef428107778b19f46e8c38c00f1c70efc118cb8aab5" } }, { "type": "file", "spec_version": "2.1", "id": "file--af35762d-237f-4bc6-a0a9-e694aecf3da9", "hashes": { "MD5": "bde663d08d4e2e17940d890ccf2e6e74" } }, { "type": "file", "spec_version": "2.1", "id": "file--ace421ca-bf9e-42b6-a503-eaa89f19e2f2", "hashes": { "SHA-256": "f86d05c1d7853c06fc5561f8df19b53506b724a83bb29c69b39f004a0f7f82d8" } }, { "type": "file", "spec_version": "2.1", "id": "file--a47df7ed-30bf-4ab6-bc13-b41e0543a564", "hashes": { "MD5": "daab894b81cc375f0684ae66981b357d" } }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--1e5b5ecf-b64f-47a3-a650-3f7f9112fe08", "value": "173.248.170.149" }, { "type": "report", "spec_version": "2.1", "id": "report--1c1ebae0-8540-4ccd-ba02-3877c6efc78e", "created_by_ref": "identity--5ace95f0-bd6c-4fee-a494-ca40e791918d", "created": "2026-06-24T19:47:26.973368Z", "modified": "2026-06-24T19:47:26.973368Z", "name": "BabyShark Malware Part Two \u2013 Attacks Continue Using KimJongRAT and PCRat", "published": "2019-04-26T00:00:00Z", "object_refs": [ "identity--5ace95f0-bd6c-4fee-a494-ca40e791918d", "file--c4d32de7-281e-4379-a2ff-c893b35da396", "file--ecf7fe35-dde4-474c-8a84-35a0e7c4d4fb", "file--bb3a8907-01b2-44fb-a860-d894d44b5ebe", "file--f3f6f1d2-1e3c-44b9-9a78-e765ab228ebd", "file--dffbe42a-fc69-4a84-938c-651401ed6f8d", "file--276efb68-5758-4aaa-ace7-4bb74577d493", "file--af35762d-237f-4bc6-a0a9-e694aecf3da9", "file--ace421ca-bf9e-42b6-a503-eaa89f19e2f2", "file--a47df7ed-30bf-4ab6-bc13-b41e0543a564", "ipv4-addr--1e5b5ecf-b64f-47a3-a650-3f7f9112fe08" ], "external_references": [ { "source_name": "source", "url": "https://unit42.paloaltonetworks.com/babyshark-malware-part-two-attacks-continue-using-kimjongrat-and-pcrat/" } ] } ] }