{
    "type": "bundle",
    "id": "bundle--71a86c74-a778-4b83-8572-e8676d72fbf3",
    "objects": [
        {
            "type": "identity",
            "spec_version": "2.1",
            "id": "identity--a5882289-a378-468a-83db-d6aadb5937d7",
            "created": "2025-01-31T09:24:41.436802Z",
            "modified": "2025-01-31T09:32:25.332836Z",
            "name": "Socket",
            "identity_class": "organization"
        },
        {
            "type": "ipv4-addr",
            "spec_version": "2.1",
            "id": "ipv4-addr--44b1f00e-bd6e-48fd-9415-5539d9946f9d",
            "value": "45.61.151.71"
        },
        {
            "type": "ipv4-addr",
            "spec_version": "2.1",
            "id": "ipv4-addr--fe80cff9-5dd7-4790-8c47-c50dc00bc063",
            "value": "185.153.182.241"
        },
        {
            "type": "url",
            "spec_version": "2.1",
            "id": "url--17d39720-fc71-4b0b-8f50-499bfe56c44c",
            "value": "https://m21gk.wiremockapi.cloud/g/api/880"
        },
        {
            "type": "url",
            "spec_version": "2.1",
            "id": "url--d62269d5-7cc6-49a7-bf4e-943175012c36",
            "value": "https://mocki.io/v1/32f16c80-602a-4c80-80af-32a9b8220a6b"
        },
        {
            "type": "domain-name",
            "spec_version": "2.1",
            "id": "domain-name--6767ce46-c757-4732-bb84-9956e1940e6f",
            "value": "m21gk.wiremockapi.cloud"
        },
        {
            "type": "ipv4-addr",
            "spec_version": "2.1",
            "id": "ipv4-addr--f0aa0909-fbbf-45d8-982f-978a1755c75a",
            "value": "144.172.87.27"
        },
        {
            "type": "threat-actor",
            "spec_version": "2.1",
            "id": "threat-actor--517f1d6a-514b-592b-8216-43a310ad6d08",
            "created": "2026-06-24T22:43:38.445494Z",
            "modified": "2026-06-24T22:43:38.445494Z",
            "name": "ContagiousInterview"
        },
        {
            "type": "threat-actor",
            "spec_version": "2.1",
            "id": "threat-actor--af08d5c9-f507-5ed5-9986-7ffea3df195b",
            "created": "2026-06-24T22:43:38.450134Z",
            "modified": "2026-06-24T22:43:38.450134Z",
            "name": "Lazarus"
        },
        {
            "type": "report",
            "spec_version": "2.1",
            "id": "report--83dfb156-e34e-4608-a7b4-86e343bee65e",
            "created_by_ref": "identity--a5882289-a378-468a-83db-d6aadb5937d7",
            "created": "2026-06-24T22:43:38.451433Z",
            "modified": "2026-06-24T22:43:38.451433Z",
            "name": "Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads",
            "published": "2025-04-04T00:00:00Z",
            "object_refs": [
                "identity--a5882289-a378-468a-83db-d6aadb5937d7",
                "ipv4-addr--44b1f00e-bd6e-48fd-9415-5539d9946f9d",
                "ipv4-addr--fe80cff9-5dd7-4790-8c47-c50dc00bc063",
                "url--17d39720-fc71-4b0b-8f50-499bfe56c44c",
                "url--d62269d5-7cc6-49a7-bf4e-943175012c36",
                "domain-name--6767ce46-c757-4732-bb84-9956e1940e6f",
                "ipv4-addr--f0aa0909-fbbf-45d8-982f-978a1755c75a",
                "threat-actor--517f1d6a-514b-592b-8216-43a310ad6d08",
                "threat-actor--af08d5c9-f507-5ed5-9986-7ffea3df195b"
            ],
            "external_references": [
                {
                    "source_name": "source",
                    "url": "https://socket.dev/blog/lazarus-expands-malicious-npm-campaign-11-new-packages-add-malware-loaders-and-bitbucket"
                }
            ]
        }
    ]
}