{
    "type": "bundle",
    "id": "bundle--5479ecfa-7183-4ee8-9024-6c0fcedfee75",
    "objects": [
        {
            "type": "identity",
            "spec_version": "2.1",
            "id": "identity--243c3ae6-45e8-41db-8bdd-4897aaae4670",
            "created": "2023-03-08T12:51:43.142167Z",
            "modified": "2023-05-13T00:24:09.959414Z",
            "name": "PolySwarm",
            "identity_class": "organization"
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--4583d771-81eb-48a4-a56b-e1d17250f0d0",
            "hashes": {
                "SHA-256": "3c8dbfcbb4fccbaf924f9a650a04cb4715f4a58d51ef49cc75bfcef0ac258a3e"
            }
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--55ef2c9a-9ba8-4d8e-8cf9-93d02f9c7c74",
            "hashes": {
                "SHA-256": "0b5db31e47b0dccfdec46e74c0e70c6a1684768dbacc9eacbb4fd2ef851994c7"
            }
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--3a72ed22-cbb7-4c2e-a04c-7efb659a4dae",
            "hashes": {
                "SHA-256": "5c907b722c53a5be256dc5f96b755bc9e0b032cc30973a52d984d4174bace456"
            }
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--1f056116-8d0f-49f1-9cab-f278bf62a567",
            "hashes": {
                "SHA-256": "bfd74b4a1b413fa785a49ca4a9c0594441a3e01983fc7f86125376fdbd4acf6b"
            }
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--9271880c-0207-459b-a310-068530af9c99",
            "hashes": {
                "SHA-256": "f3b0da965a4050ab00fce727bb31e0f889a9c05d68d777a8068cfc15a71d3703"
            }
        },
        {
            "type": "threat-actor",
            "spec_version": "2.1",
            "id": "threat-actor--e9f35cea-fd6e-5fc7-a5b9-2894700cb511",
            "created": "2026-06-24T19:23:53.035849Z",
            "modified": "2026-06-24T19:23:53.035849Z",
            "name": "LabyrinthChollima"
        },
        {
            "type": "report",
            "spec_version": "2.1",
            "id": "report--cf0abd72-bab7-4918-aa79-fd08a38f0e23",
            "created_by_ref": "identity--243c3ae6-45e8-41db-8bdd-4897aaae4670",
            "created": "2026-06-24T19:23:53.043387Z",
            "modified": "2026-06-24T19:23:53.043387Z",
            "name": "Labyrinth Chollima Using Poisoned Python Packages to Deliver PondRAT",
            "published": "2024-09-30T00:00:00Z",
            "object_refs": [
                "identity--243c3ae6-45e8-41db-8bdd-4897aaae4670",
                "file--4583d771-81eb-48a4-a56b-e1d17250f0d0",
                "file--55ef2c9a-9ba8-4d8e-8cf9-93d02f9c7c74",
                "file--3a72ed22-cbb7-4c2e-a04c-7efb659a4dae",
                "file--1f056116-8d0f-49f1-9cab-f278bf62a567",
                "file--9271880c-0207-459b-a310-068530af9c99",
                "threat-actor--e9f35cea-fd6e-5fc7-a5b9-2894700cb511"
            ],
            "external_references": [
                {
                    "source_name": "source",
                    "url": "https://blog.polyswarm.io/labyrinth-chollima-using-poisoned-python-packages-to-deliver-pondrat"
                }
            ]
        }
    ]
}