{ "type": "bundle", "id": "bundle--61727362-70ac-473e-9e58-1dd9692168d0", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--59f99ee9-2b33-4e70-a488-4addc93d3d77", "created": "2023-03-08T12:51:43.018137Z", "modified": "2024-10-23T12:33:11.030915Z", "name": "Kaspersky", "identity_class": "organization" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--2a00f4b2-e80d-46a0-8e13-e46c38bed059", "value": "ms.msteam.biz" }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--8b6b525b-15aa-44d7-a28d-b79bcaac81d1", "value": "155.138.159.45" }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--c64d87fd-2d90-4c88-a5d2-cc9baeee9ced", "value": "104.168.174.80" }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--4f11149a-74c5-4261-b4ef-ea25fb424855", "value": "149.28.247.34" }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--839dc94a-b7a2-4fb4-9f45-3094e9b4db5c", "value": "152.89.247.87" }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--0d735ff4-6a8d-438e-a8bd-3418734e4e0e", "value": "172.86.121.130" }, { "type": "file", "spec_version": "2.1", "id": "file--a86d2371-eef0-40b3-86b2-c8f6e860eada", "hashes": { "MD5": "d8f6290517c114e73e03ab30165098f6" } }, { "type": "file", "spec_version": "2.1", "id": "file--9ab188b4-2b61-4117-b421-80ba762884ee", "hashes": { "MD5": "21e9ddd5753363c9a1f36240f989d3a9" } }, { "type": "file", "spec_version": "2.1", "id": "file--1ff2d16d-d712-456a-be9d-595a2508ea4b", "hashes": { "MD5": "f766f97eb213d81bf15c02d4681c50a4" } }, { "type": "file", "spec_version": "2.1", "id": "file--54cbec9d-37c6-452e-8ba4-1485bf1f39f8", "hashes": { "MD5": "087407551649376d90d1743bac75aac8" } }, { "type": "file", "spec_version": "2.1", "id": "file--04aabbb9-4b76-45d3-8b60-e7ae1b9c3f4d", "hashes": { "MD5": "1e3df8ee796fc8a13731c6de1aed0818" } }, { "type": "file", "spec_version": "2.1", "id": "file--d9b17d61-68ef-4c8e-91fe-9eea05f44ac8", "hashes": { "MD5": "4c0fb06320d1b7ecf44ffd0442fc10ed" } }, { "type": "file", "spec_version": "2.1", "id": "file--11a5f4d3-33fc-46dc-beaf-4d3d41148f3b", "hashes": { "MD5": "ef3179d498793bf4234f708d3be28633" } }, { "type": "file", "spec_version": "2.1", "id": "file--5ea10112-c514-4aab-825b-f5148dc5a4d6", "hashes": { "MD5": "0b4340ed812dc82ce636c00fa5c9bef2" } }, { "type": "file", "spec_version": "2.1", "id": "file--3f4bf3c7-ee34-4b75-bd1a-c81be491b0e1", "hashes": { "MD5": "61a227bf4c5c1514f5cbd2f37d98ef5b" } }, { "type": "file", "spec_version": "2.1", "id": "file--f3389d50-f512-4fb1-8e19-b85a5d713ef8", "hashes": { "SHA-256": "da9f0e7dc6c52044fa29bea5337b4792b8b873373ba99ad816d5c9f5f275f03f" } }, { "type": "file", "spec_version": "2.1", "id": "file--8e661277-a019-4d40-bea5-96f9085ccb91", "hashes": { "MD5": "d3503e87df528ce3b07ca6d94d1ba9fc" } }, { "type": "url", "spec_version": "2.1", "id": "url--61695997-bf01-4fc2-a739-e9573fecc90e", "value": "http://avid.lno-prima.lol/NafqhbXR7KC/rTVCtCpxPH/kMjTqFDDNt/fiOHK5H35B/bM%3D" }, { "type": "url", "spec_version": "2.1", "id": "url--46c8230b-7bc3-4c4f-beb2-952db903bc06", "value": "https://www.angelbridge.jp" }, { "type": "url", "spec_version": "2.1", "id": "url--a64a21b2-8a0a-469f-b75f-1643845183a7", "value": "https://docs.azure-protection.cloud/%2BgFJKOpVX/4vRuFIaGlI/D%2BOfpTtg/YTN0TU1BNx/bMA5aGuZZP/ODq7aFQ%3D/%3D" }, { "type": "url", "spec_version": "2.1", "id": "url--70ffcf81-0757-41bc-8d53-f7401a2909e9", "value": "http://offerings.cloud/NafqhbXR7KC/rTVCtCpxPH/pdQTpFN6FC/Lhr_wXGXix/nQ%3D" }, { "type": "url", "spec_version": "2.1", "id": "url--b49dc471-af3f-4717-9b85-8b1f8de77168", "value": "https://www.abf-cap.com" }, { "type": "url", "spec_version": "2.1", "id": "url--a606eb21-45ce-4fd9-bfc4-cf5b1994fd1d", "value": "https://www.capmarketreport.com/packageupd.msi?ccop=RoPbnVqYd" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--48f3c5ba-9011-4e3e-b8c2-f8fe309174aa", "value": "abf-cap.co" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--7a73fdda-0038-49c1-9f7c-a4be19235655", "value": "offerings.cloud" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--0f233487-14f4-43d1-b841-83839218cb4f", "value": "smbc-vc.com" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--13bd095a-0404-45ba-b6e3-b12ceca67dff", "value": "beyondnextventures.co" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--2c90ced9-2469-4d57-b77e-eb931bfa099d", "value": "tptf.co" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--1dfab75a-49e6-4a6c-a87c-08de805f09ce", "value": "vote.anobaka.info" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--0d275023-44bf-4317-902d-97042b743c7d", "value": "cloud.beyondnextventures.co" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--d122df9a-e473-433b-94fe-1eb5a3b14c40", "value": "bankofamerica.us.org" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--f99f7598-caaa-4919-b062-67d1e15fe350", "value": "beyondnextventures.com" }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--f909a1dc-39ad-47a0-b719-fb5832fcea5b", "value": "104.168.249.50" }, { "type": "file", "spec_version": "2.1", "id": "file--5e6ed2ac-472b-4d2c-833a-8cbefee58e8f", "hashes": { "MD5": "a17e9fc78706431ffc8b3085380fe29f" } }, { "type": "file", "spec_version": "2.1", "id": "file--2f8952e4-259e-48ce-a0f7-da374c0d3959", "hashes": { "MD5": "931d0969654af3f77fc1dab9e2bd66b1" } }, { "type": "url", "spec_version": "2.1", "id": "url--2bff9cb0-8f73-4a0c-9ad5-bd47183aad3c", "value": "https://docs.azure-protection.cloud/EMPxSKTgrr3/2CKnoSNLFF/0d6rQrBEMv/gGFroIw5_m/n9hLXkEOy3/wyQ%3D%3D" }, { "type": "threat-actor", "spec_version": "2.1", "id": "threat-actor--f7f0d913-f17b-5632-a48a-76b4eef8a1cb", "created": "2026-06-25T17:59:28.888185Z", "modified": "2026-06-25T17:59:28.888185Z", "name": "Bluenoroff" }, { "type": "report", "spec_version": "2.1", "id": "report--5bc67321-d832-442a-b077-67def9dd7433", "created_by_ref": "identity--59f99ee9-2b33-4e70-a488-4addc93d3d77", "created": "2026-06-25T17:59:28.913304Z", "modified": "2026-06-25T17:59:28.913304Z", "name": "BlueNoroff introduces new methods bypassing MoTW", "published": "2022-12-27T00:00:00Z", "object_refs": [ "identity--59f99ee9-2b33-4e70-a488-4addc93d3d77", "domain-name--2a00f4b2-e80d-46a0-8e13-e46c38bed059", "ipv4-addr--8b6b525b-15aa-44d7-a28d-b79bcaac81d1", "ipv4-addr--c64d87fd-2d90-4c88-a5d2-cc9baeee9ced", "ipv4-addr--4f11149a-74c5-4261-b4ef-ea25fb424855", "ipv4-addr--839dc94a-b7a2-4fb4-9f45-3094e9b4db5c", "ipv4-addr--0d735ff4-6a8d-438e-a8bd-3418734e4e0e", "file--a86d2371-eef0-40b3-86b2-c8f6e860eada", "file--9ab188b4-2b61-4117-b421-80ba762884ee", "file--1ff2d16d-d712-456a-be9d-595a2508ea4b", "file--54cbec9d-37c6-452e-8ba4-1485bf1f39f8", "file--04aabbb9-4b76-45d3-8b60-e7ae1b9c3f4d", "file--d9b17d61-68ef-4c8e-91fe-9eea05f44ac8", "file--11a5f4d3-33fc-46dc-beaf-4d3d41148f3b", "file--5ea10112-c514-4aab-825b-f5148dc5a4d6", "file--3f4bf3c7-ee34-4b75-bd1a-c81be491b0e1", "file--f3389d50-f512-4fb1-8e19-b85a5d713ef8", "file--8e661277-a019-4d40-bea5-96f9085ccb91", "url--61695997-bf01-4fc2-a739-e9573fecc90e", "url--46c8230b-7bc3-4c4f-beb2-952db903bc06", "url--a64a21b2-8a0a-469f-b75f-1643845183a7", "url--70ffcf81-0757-41bc-8d53-f7401a2909e9", "url--b49dc471-af3f-4717-9b85-8b1f8de77168", "url--a606eb21-45ce-4fd9-bfc4-cf5b1994fd1d", "domain-name--48f3c5ba-9011-4e3e-b8c2-f8fe309174aa", "domain-name--7a73fdda-0038-49c1-9f7c-a4be19235655", "domain-name--0f233487-14f4-43d1-b841-83839218cb4f", "domain-name--13bd095a-0404-45ba-b6e3-b12ceca67dff", "domain-name--2c90ced9-2469-4d57-b77e-eb931bfa099d", "domain-name--1dfab75a-49e6-4a6c-a87c-08de805f09ce", "domain-name--0d275023-44bf-4317-902d-97042b743c7d", "domain-name--d122df9a-e473-433b-94fe-1eb5a3b14c40", "domain-name--f99f7598-caaa-4919-b062-67d1e15fe350", "ipv4-addr--f909a1dc-39ad-47a0-b719-fb5832fcea5b", "file--5e6ed2ac-472b-4d2c-833a-8cbefee58e8f", "file--2f8952e4-259e-48ce-a0f7-da374c0d3959", "url--2bff9cb0-8f73-4a0c-9ad5-bd47183aad3c", "threat-actor--f7f0d913-f17b-5632-a48a-76b4eef8a1cb" ], "external_references": [ { "source_name": "source", "url": "https://securelist.com/bluenoroff-methods-bypass-motw/108383/" } ] } ] }