{
    "type": "bundle",
    "id": "bundle--1c3fd4a5-5414-4901-85fa-fc2f195581f7",
    "objects": [
        {
            "type": "identity",
            "spec_version": "2.1",
            "id": "identity--2b55834f-c58d-4a3a-9740-af8333c86d5e",
            "created": "2023-10-24T11:28:20.610044Z",
            "modified": "2023-10-24T11:29:09.958473Z",
            "name": "Hawkeye",
            "identity_class": "organization"
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--26332748-6cfb-4723-8d2e-138de58fdef6",
            "hashes": {
                "SHA-256": "db6a9934570fa98a93a979e7e0e218e0c9710e5a787b18c6948f2eedd9338984"
            }
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--18ad5547-1b26-49ae-9bb0-48028809553d",
            "hashes": {
                "SHA-256": "ed8ec7a8dd089019cfd29143f008fa0951c56a35d73b2e1b274315152d0c0ee6"
            }
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--a95c041a-5998-4fab-9c13-ec63a39f4ca4",
            "hashes": {
                "SHA-256": "05e9fe8e9e693cb073ba82096c291145c953ca3a3f8b3974f9c66d15c1a3a11d"
            }
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--98326066-b585-4c18-af4b-114ac6d2b5ad",
            "hashes": {
                "SHA-256": "773760fd71d52457ba53a314f15dddb1a74e8b2f5a90e5e150dea48a21aa76df"
            }
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--fdc9cb7a-b371-4063-ac5f-3f3ca6ea32cb",
            "hashes": {
                "SHA-256": "e3027062e602c5d1812c039739e2f93fc78341a67b77692567a4690935123abe"
            }
        },
        {
            "type": "ipv4-addr",
            "spec_version": "2.1",
            "id": "ipv4-addr--5a9abb36-d207-48e1-bace-de919320ba18",
            "value": "108.61.186.55"
        },
        {
            "type": "ipv4-addr",
            "spec_version": "2.1",
            "id": "ipv4-addr--06f50cf1-7968-4abe-86a9-75e309a6d3a4",
            "value": "146.4.21.94"
        },
        {
            "type": "ipv4-addr",
            "spec_version": "2.1",
            "id": "ipv4-addr--cb01a9a6-ef83-4dd8-bbcb-4ab89d655545",
            "value": "109.248.150.13"
        },
        {
            "type": "report",
            "spec_version": "2.1",
            "id": "report--108d8aad-dd37-4f24-9a4a-7af5cc03303d",
            "created_by_ref": "identity--2b55834f-c58d-4a3a-9740-af8333c86d5e",
            "created": "2026-06-24T21:04:05.225615Z",
            "modified": "2026-06-24T21:04:05.225615Z",
            "name": "Lazarus Exploits a Zoho ManageEngine Vulnerability to Distribute QuiteRAT and CollectionRAT",
            "published": "2023-09-22T00:00:00Z",
            "object_refs": [
                "identity--2b55834f-c58d-4a3a-9740-af8333c86d5e",
                "file--26332748-6cfb-4723-8d2e-138de58fdef6",
                "file--18ad5547-1b26-49ae-9bb0-48028809553d",
                "file--a95c041a-5998-4fab-9c13-ec63a39f4ca4",
                "file--98326066-b585-4c18-af4b-114ac6d2b5ad",
                "file--fdc9cb7a-b371-4063-ac5f-3f3ca6ea32cb",
                "ipv4-addr--5a9abb36-d207-48e1-bace-de919320ba18",
                "ipv4-addr--06f50cf1-7968-4abe-86a9-75e309a6d3a4",
                "ipv4-addr--cb01a9a6-ef83-4dd8-bbcb-4ab89d655545"
            ],
            "external_references": [
                {
                    "source_name": "source",
                    "url": "https://www.hawk-eye.io/2023/09/lazarus-exploits-a-zoho-manageengine-vulnerability-to-distribute-quiterat-and-collectionrat/"
                }
            ]
        }
    ]
}