{ "type": "bundle", "id": "bundle--12323e0e-353f-4a36-9546-866c8fe994ea", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--0648e9f1-986a-40ab-8f6c-0495948f69ec", "created": "2023-05-23T01:10:41.336415Z", "modified": "2024-09-11T13:26:42.312985Z", "name": "Genians", "identity_class": "organization" }, { "type": "email-addr", "spec_version": "2.1", "id": "email-addr--ed5d9241-d125-4ec1-8fb1-8ec2b29d4db7", "value": "leon91729@zoho.com" }, { "type": "file", "spec_version": "2.1", "id": "file--c6425693-9101-4541-9829-eb92cc022fed", "hashes": { "MD5": "443a00feeb3beaea02b2fbcd4302a3c9" } }, { "type": "file", "spec_version": "2.1", "id": "file--8f4b7c7f-b745-486a-98a0-bf073a1ab17c", "hashes": { "MD5": "f6d72abf9ca654a20bbaf23ea1c10a55" } }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--02e2f1b8-e1eb-428f-ac08-372b2b6e7291", "value": "cloud-api.yandex.net" }, { "type": "file", "spec_version": "2.1", "id": "file--da92bfa6-3808-48be-9ffa-a93f3d967e0c", "hashes": { "MD5": "d5fe744b9623a0cc7f0ef6464c5530da" } }, { "type": "file", "spec_version": "2.1", "id": "file--701e810a-6007-4eeb-b6be-66e2170dc0a6", "hashes": { "MD5": "5ed95cde6c29432a4f7dc48602f82734" } }, { "type": "file", "spec_version": "2.1", "id": "file--837bfec8-3670-42f4-95bd-5a78ef18027b", "hashes": { "MD5": "fd9099005f133f95a5b699ab30a2f79b" } }, { "type": "file", "spec_version": "2.1", "id": "file--697e2c8f-898f-4983-9795-7573209f476d", "hashes": { "MD5": "ae7e18a62abb7f93b657276dcae985b9" } }, { "type": "file", "spec_version": "2.1", "id": "file--ce9bdb71-e9be-478e-9534-dadcca041a0c", "hashes": { "MD5": "e4813c34fe2327de1a94c51e630213d1" } }, { "type": "file", "spec_version": "2.1", "id": "file--45cf0081-76df-4e28-9958-e028abc3a422", "hashes": { "MD5": "64d729d0290e2c8ceaa6e38fa68e80e9" } }, { "type": "file", "spec_version": "2.1", "id": "file--43cba565-bd4c-4a6b-9c8c-4e8b22b95bc8", "hashes": { "MD5": "a2ee8d2aa9f79551eb5dd8f9610ad557" } }, { "type": "file", "spec_version": "2.1", "id": "file--565aaefb-a8c1-48d4-af3c-0c4ea6278342", "hashes": { "MD5": "e13c3a38ca58fb0fa9da753e857dd3d5" } }, { "type": "file", "spec_version": "2.1", "id": "file--4157b14f-e634-458e-b71a-e86eb1e56e1d", "hashes": { "MD5": "16a8aaaf2e3125668e6bfb1705a065f9" } }, { "type": "email-addr", "spec_version": "2.1", "id": "email-addr--73a19fd4-2617-40dc-a6da-d3ccd2610b81", "value": "leon24609@gmail.com" }, { "type": "email-addr", "spec_version": "2.1", "id": "email-addr--2603dd42-6d47-441a-b5ac-6c00cf501b69", "value": "reddy.kappeta@yandex.com" }, { "type": "email-addr", "spec_version": "2.1", "id": "email-addr--f94875ef-c840-4fe7-98a9-941d4b4e2ee5", "value": "nusli.vakil@yandex.com" }, { "type": "threat-actor", "spec_version": "2.1", "id": "threat-actor--3be555f5-1f0d-5001-b84a-c6c910760fd0", "created": "2026-06-24T19:53:02.982787Z", "modified": "2026-06-24T19:53:02.982787Z", "name": "APT37" }, { "type": "report", "spec_version": "2.1", "id": "report--9f4cee35-dd92-4a8b-9f51-b84034b6253f", "created_by_ref": "identity--0648e9f1-986a-40ab-8f6c-0495948f69ec", "created": "2026-06-24T19:53:02.986898Z", "modified": "2026-06-24T19:53:02.986898Z", "name": "RoKRAT Shellcode and Steganographic Threats: Analysis and EDR Response Strategies", "published": "2025-08-03T00:00:00Z", "object_refs": [ "identity--0648e9f1-986a-40ab-8f6c-0495948f69ec", "email-addr--ed5d9241-d125-4ec1-8fb1-8ec2b29d4db7", "file--c6425693-9101-4541-9829-eb92cc022fed", "file--8f4b7c7f-b745-486a-98a0-bf073a1ab17c", "domain-name--02e2f1b8-e1eb-428f-ac08-372b2b6e7291", "file--da92bfa6-3808-48be-9ffa-a93f3d967e0c", "file--701e810a-6007-4eeb-b6be-66e2170dc0a6", "file--837bfec8-3670-42f4-95bd-5a78ef18027b", "file--697e2c8f-898f-4983-9795-7573209f476d", "file--ce9bdb71-e9be-478e-9534-dadcca041a0c", "file--45cf0081-76df-4e28-9958-e028abc3a422", "file--43cba565-bd4c-4a6b-9c8c-4e8b22b95bc8", "file--565aaefb-a8c1-48d4-af3c-0c4ea6278342", "file--4157b14f-e634-458e-b71a-e86eb1e56e1d", "email-addr--73a19fd4-2617-40dc-a6da-d3ccd2610b81", "email-addr--2603dd42-6d47-441a-b5ac-6c00cf501b69", "email-addr--f94875ef-c840-4fe7-98a9-941d4b4e2ee5", "threat-actor--3be555f5-1f0d-5001-b84a-c6c910760fd0" ], "external_references": [ { "source_name": "source", "url": "https://www.genians.co.kr/en/blog/threat_intelligence/rokrat_shellcode_steganographic" } ] } ] }