event: connected data: {"lastEventId":"1730365806437-0","firstEventId":"1702288305968-0","firstEventDate":"2023-12-11T09:51:45.968Z","lastEventDate":"2024-10-31T09:10:06.437Z","streamSize":26634,"connectionId":"2cb85f92-bcb6-4307-929b-2942dc3a281f"} = CREATION OF A REPORT ======== = = = 1 event for report creation = =============================== id: 1730369750715-0 event: create data: {"version":"4","type":"create","scope":"external","message":"creates a Report `Report test`","origin":{"socket":"query","ip":"::1","user_id":"88ec0c6a-13ce-5e39-b486-354fe4a7084f","group_ids":["0dfd286b-1099-4449-8319-90eebf1c667d","eb019ce7-a17c-40c4-b2fa-6e9c642b59bc"],"organization_ids":[],"user_metadata":{},"referer":"http://localhost:3000/dashboard/analyses/reports?searchTerm=&sortBy=published&orderAsc=false&redirectionMode=overview&pageSize=10"},"data":{"id":"report--a31e2d0e-adbb-5781-a3ac-32ad7fdea614","spec_version":"2.1","type":"report","extensions":{"extension-definition--ea279b3e-5c71-4632-ac08-831c66a786ba":{"extension_type":"property-extension","id":"9b056e1f-7b17-433b-8173-cb607030365c","type":"Report","created_at":"2024-10-31T10:15:50.672Z","updated_at":"2024-10-31T10:15:50.672Z","is_inferred":false,"creator_ids":["88ec0c6a-13ce-5e39-b486-354fe4a7084f"],"workflow_id":"6cb918f5-c382-44b7-b71e-f22a8f2edee1","labels_ids":["51432378-a23b-438e-9f39-5d6b8b0cd072"]}},"created":"2024-10-31T10:15:37.000Z","modified":"2024-10-31T10:15:50.672Z","revoked":false,"confidence":100,"lang":"en","labels":["aaa"],"name":"Report test","published":"2024-10-31T10:15:37.000Z"}} = SHARED THE REPORT WITH AN ORGA ============================= = = = 1 event for orga creation = = 1 event for relation 'shared with' between report and orga = ============================================================== id: 1730369786870-0 event: create data: {"data":{"id":"identity--f29f12ba-3980-5642-9b3e-d11e9b296aed","spec_version":"2.1","type":"identity","extensions":{"extension-definition--ea279b3e-5c71-4632-ac08-831c66a786ba":{"extension_type":"property-extension","id":"f184e561-d1c6-4d0a-aa7b-5ca77af3d8ac","type":"Organization","created_at":"2024-07-30T09:11:38.364Z","updated_at":"2024-07-30T09:12:27.634Z","is_inferred":false,"creator_ids":["bb92cd47-cc4a-43fd-917e-08a1036402cf"],"labels_ids":["bffa6e8a-478c-477a-8713-8981bb821393"]}},"created":"2024-07-30T09:07:07.780Z","modified":"2024-07-30T09:12:27.634Z","revoked":false,"confidence":100,"lang":"en","labels":["vulnerability"],"name":"CrowdStrike","identity_class":"organization"},"message":"creates a Organization `CrowdStrike`","origin":{"referer":"init-dependencies"},"version":"4"} id: 1730369786870-0 event: update data: {"version":"4","type":"update","scope":"external","message":"adds `CrowdStrike` in `Shared with`","origin":{"socket":"query","ip":"::1","user_id":"88ec0c6a-13ce-5e39-b486-354fe4a7084f","group_ids":["0dfd286b-1099-4449-8319-90eebf1c667d","eb019ce7-a17c-40c4-b2fa-6e9c642b59bc"],"organization_ids":[],"user_metadata":{},"referer":"http://localhost:3000/dashboard/analyses/reports/9b056e1f-7b17-433b-8173-cb607030365c"},"data":{"id":"report--a31e2d0e-adbb-5781-a3ac-32ad7fdea614","spec_version":"2.1","type":"report","extensions":{"extension-definition--ea279b3e-5c71-4632-ac08-831c66a786ba":{"extension_type":"property-extension","id":"9b056e1f-7b17-433b-8173-cb607030365c","type":"Report","created_at":"2024-10-31T10:15:50.672Z","updated_at":"2024-10-31T10:15:50.693Z","is_inferred":false,"granted_refs":["identity--f29f12ba-3980-5642-9b3e-d11e9b296aed"],"creator_ids":["88ec0c6a-13ce-5e39-b486-354fe4a7084f"],"workflow_id":"6cb918f5-c382-44b7-b71e-f22a8f2edee1","labels_ids":["51432378-a23b-438e-9f39-5d6b8b0cd072"]}},"created":"2024-10-31T10:15:37.000Z","modified":"2024-10-31T10:15:50.693Z","revoked":false,"confidence":100,"lang":"en","labels":["aaa"],"name":"Report test","published":"2024-10-31T10:15:37.000Z"},"context":{"patch":[{"op":"add","path":"/extensions/extension-definition--ea279b3e-5c71-4632-ac08-831c66a786ba/granted_refs","value":["identity--f29f12ba-3980-5642-9b3e-d11e9b296aed"]}],"reverse_patch":[{"op":"remove","path":"/extensions/extension-definition--ea279b3e-5c71-4632-ac08-831c66a786ba/granted_refs"}]}} = ADD A MALWARE IN REPORT ===================================== = = = 1 event for malware marking creation = = 1 event for malware creation = = 1 event for relation 'contains' between report and malware = = 1 event for relation 'shared with' between malware and orga = =============================================================== id: 1730369831282-0 event: create data: {"data":{"id":"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9","spec_version":"2.1","type":"marking-definition","extensions":{"extension-definition--ea279b3e-5c71-4632-ac08-831c66a786ba":{"extension_type":"property-extension","id":"251db84c-048e-4855-a9b0-cb4f2b1c18e2","type":"Marking-Definition","created_at":"2024-02-22T14:49:41.297Z","updated_at":"2024-02-22T14:51:10.744Z","is_inferred":false,"creator_ids":["6a4b11e1-90ca-4e42-ba42-db7bc7f7d505","88ec0c6a-13ce-5e39-b486-354fe4a7084f"],"order":1,"color":"#ffffff"}},"created":"2024-02-22T14:49:41.297Z","modified":"2024-02-22T14:51:10.744Z","name":"TLP:CLEAR","definition_type":"TLP"},"message":"creates a Marking-Definition `TLP:CLEAR`","origin":{"referer":"init-dependencies"},"version":"4"} id: 1730369831282-0 event: create data: {"data":{"id":"malware--128e419b-42a1-55cd-a74c-74c01ec564fa","spec_version":"2.1","type":"malware","extensions":{"extension-definition--ea279b3e-5c71-4632-ac08-831c66a786ba":{"extension_type":"property-extension","id":"39d2d2f0-2c77-4135-b396-d2901c289691","type":"Malware","created_at":"2024-03-19T09:46:07.766Z","updated_at":"2024-09-02T12:47:55.359Z","is_inferred":false,"creator_ids":["88ec0c6a-13ce-5e39-b486-354fe4a7084f"]}},"created":"2024-03-19T09:32:21.407Z","modified":"2024-03-19T09:46:07.784Z","revoked":false,"confidence":100,"lang":"en","object_marking_refs":["marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"],"name":"MASEPIE","is_family":false},"message":"creates a Malware `MASEPIE`","origin":{"referer":"init-dependencies"},"version":"4"} id: 1730369831282-0 event: update data: {"version":"4","type":"update","scope":"external","message":"adds `MASEPIE` in `Contains`","origin":{"socket":"query","ip":"::1","user_id":"88ec0c6a-13ce-5e39-b486-354fe4a7084f","group_ids":["0dfd286b-1099-4449-8319-90eebf1c667d","eb019ce7-a17c-40c4-b2fa-6e9c642b59bc"],"organization_ids":[],"user_metadata":{},"referer":"http://localhost:3000/dashboard/analyses/reports/9b056e1f-7b17-433b-8173-cb607030365c/entities"},"data":{"id":"report--a31e2d0e-adbb-5781-a3ac-32ad7fdea614","spec_version":"2.1","type":"report","extensions":{"extension-definition--ea279b3e-5c71-4632-ac08-831c66a786ba":{"extension_type":"property-extension","id":"9b056e1f-7b17-433b-8173-cb607030365c","type":"Report","created_at":"2024-10-31T10:15:50.672Z","updated_at":"2024-10-31T10:16:26.843Z","is_inferred":false,"granted_refs":["identity--f29f12ba-3980-5642-9b3e-d11e9b296aed"],"creator_ids":["88ec0c6a-13ce-5e39-b486-354fe4a7084f"],"workflow_id":"6cb918f5-c382-44b7-b71e-f22a8f2edee1","labels_ids":["51432378-a23b-438e-9f39-5d6b8b0cd072"]}},"created":"2024-10-31T10:15:37.000Z","modified":"2024-10-31T10:16:26.843Z","revoked":false,"confidence":100,"lang":"en","labels":["aaa"],"name":"Report test","published":"2024-10-31T10:15:37.000Z","object_refs":["malware--128e419b-42a1-55cd-a74c-74c01ec564fa"]},"context":{"patch":[{"op":"add","path":"/object_refs","value":["malware--128e419b-42a1-55cd-a74c-74c01ec564fa"]}],"reverse_patch":[{"op":"remove","path":"/object_refs"}]}} id: 1730369833852-0 event: update data: {"version":"4","type":"update","scope":"external","message":"adds `CrowdStrike` in `Shared with`","origin":{"user_id":"88ec0c6a-13ce-5e39-b486-354fe4a7084f","referer":"background_task"},"data":{"id":"malware--128e419b-42a1-55cd-a74c-74c01ec564fa","spec_version":"2.1","type":"malware","extensions":{"extension-definition--ea279b3e-5c71-4632-ac08-831c66a786ba":{"extension_type":"property-extension","id":"39d2d2f0-2c77-4135-b396-d2901c289691","type":"Malware","created_at":"2024-03-19T09:46:07.766Z","updated_at":"2024-09-02T12:47:55.359Z","is_inferred":false,"granted_refs":["identity--f29f12ba-3980-5642-9b3e-d11e9b296aed"],"creator_ids":["88ec0c6a-13ce-5e39-b486-354fe4a7084f"]}},"created":"2024-03-19T09:32:21.407Z","modified":"2024-03-19T09:46:07.784Z","revoked":false,"confidence":100,"lang":"en","object_marking_refs":["marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"],"name":"MASEPIE","is_family":false},"context":{"patch":[{"op":"add","path":"/extensions/extension-definition--ea279b3e-5c71-4632-ac08-831c66a786ba/granted_refs","value":["identity--f29f12ba-3980-5642-9b3e-d11e9b296aed"]}],"reverse_patch":[{"op":"remove","path":"/extensions/extension-definition--ea279b3e-5c71-4632-ac08-831c66a786ba/granted_refs"}]}} = ADD A TRHEAT ACTOR GROUP IN REPORT ====================== = = = 1 event for TAG marking creation = = 1 event for TAG creation = = 1 event for relation 'contains' between report and TAG = = 1 event for relation 'shared with' between TAG and orga = =========================================================== id: 1730369843624-0 event: create data: {"data":{"id":"marking-definition--907bb632-e3c2-52fa-b484-cf166a7d377c","spec_version":"2.1","type":"marking-definition","extensions":{"extension-definition--ea279b3e-5c71-4632-ac08-831c66a786ba":{"extension_type":"property-extension","id":"641eeccf-0c90-471c-8bf1-5d1664b6f241","type":"Marking-Definition","created_at":"2024-02-22T14:51:09.796Z","updated_at":"2024-02-22T14:51:09.796Z","stix_ids":["marking-definition--78ca4366-f5b8-4764-83f7-34ce38198e27"],"is_inferred":false,"creator_ids":["88ec0c6a-13ce-5e39-b486-354fe4a7084f"],"order":3,"color":"#ffffff"}},"created":"2020-02-25T09:02:29.040Z","modified":"2024-02-22T14:51:09.796Z","name":"TLP:TEST","definition_type":"TLP"},"message":"creates a Marking-Definition `TLP:TEST`","origin":{"referer":"init-dependencies"},"version":"4"} id: 1730369843624-0 event: create data: {"data":{"id":"threat-actor--fd6b0e6f-96e0-568d-ba24-8a140d0428cd","spec_version":"2.1","type":"threat-actor","extensions":{"extension-definition--ea279b3e-5c71-4632-ac08-831c66a786ba":{"extension_type":"property-extension","id":"b0dd499a-84dd-4960-b3ea-5292021c4d3b","type":"Threat-Actor-Group","created_at":"2024-02-22T14:51:11.699Z","updated_at":"2024-05-23T15:23:43.513Z","stix_ids":["threat-actor--dfaa8d77-07e2-4e28-b2c8-92e9f7b04428"],"is_inferred":false,"granted_refs":["identity--18fe5225-fee1-5627-ad3e-20c14435b024"],"creator_ids":["88ec0c6a-13ce-5e39-b486-354fe4a7084f"],"labels_ids":["2691ceb2-0957-4131-850f-0eef5dd01357"]}},"created":"2018-11-19T23:39:03.893Z","modified":"2024-05-23T15:23:43.513Z","revoked":false,"confidence":100,"lang":"en","labels":["andromeda"],"object_marking_refs":["marking-definition--907bb632-e3c2-52fa-b484-cf166a7d377c"],"name":"Disco Team Threat Actor Group","description":"This organized threat actor group operates to create profit from all types of crime.","threat_actor_types":["crime-syndicate"],"aliases":["Equipo del Discoteca"],"goals":["Steal Credit Card Information"],"sophistication":"expert","resource_level":"organization","primary_motivation":"personal-gain"},"message":"creates a Threat-Actor-Group `Disco Team Threat Actor Group`","origin":{"referer":"init-dependencies"},"version":"4"} id: 1730369843624-0 event: update data: {"version":"4","type":"update","scope":"external","message":"adds `Disco Team Threat Actor Group` in `Contains`","origin":{"socket":"query","ip":"::1","user_id":"88ec0c6a-13ce-5e39-b486-354fe4a7084f","group_ids":["0dfd286b-1099-4449-8319-90eebf1c667d","eb019ce7-a17c-40c4-b2fa-6e9c642b59bc"],"organization_ids":[],"user_metadata":{},"referer":"http://localhost:3000/dashboard/analyses/reports/9b056e1f-7b17-433b-8173-cb607030365c/entities"},"data":{"id":"report--a31e2d0e-adbb-5781-a3ac-32ad7fdea614","spec_version":"2.1","type":"report","extensions":{"extension-definition--ea279b3e-5c71-4632-ac08-831c66a786ba":{"extension_type":"property-extension","id":"9b056e1f-7b17-433b-8173-cb607030365c","type":"Report","created_at":"2024-10-31T10:15:50.672Z","updated_at":"2024-10-31T10:17:11.165Z","is_inferred":false,"granted_refs":["identity--f29f12ba-3980-5642-9b3e-d11e9b296aed"],"creator_ids":["88ec0c6a-13ce-5e39-b486-354fe4a7084f"],"workflow_id":"6cb918f5-c382-44b7-b71e-f22a8f2edee1","labels_ids":["51432378-a23b-438e-9f39-5d6b8b0cd072"]}},"created":"2024-10-31T10:15:37.000Z","modified":"2024-10-31T10:17:11.165Z","revoked":false,"confidence":100,"lang":"en","labels":["aaa"],"name":"Report test","published":"2024-10-31T10:15:37.000Z","object_refs":["malware--128e419b-42a1-55cd-a74c-74c01ec564fa","threat-actor--fd6b0e6f-96e0-568d-ba24-8a140d0428cd"]},"context":{"patch":[{"op":"add","path":"/object_refs/1","value":"threat-actor--fd6b0e6f-96e0-568d-ba24-8a140d0428cd"}],"reverse_patch":[{"op":"remove","path":"/object_refs/1"}]}} id: 1730369843919-0 event: update data: {"version":"4","type":"update","scope":"external","message":"adds `CrowdStrike` in `Shared with`","origin":{"user_id":"88ec0c6a-13ce-5e39-b486-354fe4a7084f","referer":"background_task"},"data":{"id":"threat-actor--fd6b0e6f-96e0-568d-ba24-8a140d0428cd","spec_version":"2.1","type":"threat-actor","extensions":{"extension-definition--ea279b3e-5c71-4632-ac08-831c66a786ba":{"extension_type":"property-extension","id":"b0dd499a-84dd-4960-b3ea-5292021c4d3b","type":"Threat-Actor-Group","created_at":"2024-02-22T14:51:11.699Z","updated_at":"2024-05-23T15:23:43.513Z","stix_ids":["threat-actor--dfaa8d77-07e2-4e28-b2c8-92e9f7b04428"],"is_inferred":false,"granted_refs":["identity--18fe5225-fee1-5627-ad3e-20c14435b024","identity--f29f12ba-3980-5642-9b3e-d11e9b296aed"],"creator_ids":["88ec0c6a-13ce-5e39-b486-354fe4a7084f"],"labels_ids":["2691ceb2-0957-4131-850f-0eef5dd01357"]}},"created":"2018-11-19T23:39:03.893Z","modified":"2024-05-23T15:23:43.513Z","revoked":false,"confidence":100,"lang":"en","labels":["andromeda"],"object_marking_refs":["marking-definition--907bb632-e3c2-52fa-b484-cf166a7d377c"],"name":"Disco Team Threat Actor Group","description":"This organized threat actor group operates to create profit from all types of crime.","threat_actor_types":["crime-syndicate"],"aliases":["Equipo del Discoteca"],"goals":["Steal Credit Card Information"],"sophistication":"expert","resource_level":"organization","primary_motivation":"personal-gain"},"context":{"patch":[{"op":"add","path":"/extensions/extension-definition--ea279b3e-5c71-4632-ac08-831c66a786ba/granted_refs/1","value":"identity--f29f12ba-3980-5642-9b3e-d11e9b296aed"}],"reverse_patch":[{"op":"remove","path":"/extensions/extension-definition--ea279b3e-5c71-4632-ac08-831c66a786ba/granted_refs/1"}]}} = ADD A RELATION 'uses' BETWEEN TAG AND MALWARE =========== = = = 1 event for rel ceration = = 1 event for relation 'contains' between report and rel = = THERE IS NOT EVENT FOR SHARING THE REL WITH ORGA = =========================================================== id: 1730369893836-0 event: create data: {"data":{"id":"relationship--5c5eacf0-3eff-4336-815e-61bafde9ff12","spec_version":"2.1","type":"relationship","extensions":{"extension-definition--ea279b3e-5c71-4632-ac08-831c66a786ba":{"extension_type":"property-extension","id":"7e129d4b-c62f-4345-8e3a-dea67df1de6b","type":"uses","created_at":"2024-10-31T10:18:13.352Z","updated_at":"2024-10-31T10:18:13.352Z","is_inferred":false,"creator_ids":["88ec0c6a-13ce-5e39-b486-354fe4a7084f"],"source_value":"Disco Team Threat Actor Group","source_ref":"b0dd499a-84dd-4960-b3ea-5292021c4d3b","source_type":"Threat-Actor-Group","source_ref_object_marking_refs":["641eeccf-0c90-471c-8bf1-5d1664b6f241"],"source_ref_granted_refs":["9690f69a-df8a-44d3-a08b-ae73690ea072","f184e561-d1c6-4d0a-aa7b-5ca77af3d8ac"],"target_value":"MASEPIE","target_ref":"39d2d2f0-2c77-4135-b396-d2901c289691","target_type":"Malware","target_ref_object_marking_refs":["251db84c-048e-4855-a9b0-cb4f2b1c18e2"],"target_ref_granted_refs":["f184e561-d1c6-4d0a-aa7b-5ca77af3d8ac"]}},"created":"2024-10-31T10:18:13.352Z","modified":"2024-10-31T10:18:13.352Z","revoked":false,"confidence":100,"lang":"en","relationship_type":"uses","source_ref":"threat-actor--fd6b0e6f-96e0-568d-ba24-8a140d0428cd","target_ref":"malware--128e419b-42a1-55cd-a74c-74c01ec564fa","start_time":"2024-10-31T10:17:05.000Z","stop_time":"2024-10-31T10:18:05.000Z"},"message":"creates the relation uses from `Disco Team Threat Actor Group` (Threat-Actor-Group) to `MASEPIE` (Malware)","origin":{"referer":"init-dependencies"},"version":"4"} id: 1730369893836-0 event: update data: {"version":"4","type":"update","scope":"external","message":"adds `Unknown` in `Contains`","origin":{"socket":"query","ip":"::1","user_id":"88ec0c6a-13ce-5e39-b486-354fe4a7084f","group_ids":["0dfd286b-1099-4449-8319-90eebf1c667d","eb019ce7-a17c-40c4-b2fa-6e9c642b59bc"],"organization_ids":[],"user_metadata":{},"referer":"http://localhost:3000/dashboard/analyses/reports/9b056e1f-7b17-433b-8173-cb607030365c/knowledge/graph?zoom=%7B%22k%22%3A3.4552846135176685%2C%22x%22%3A31.103995934696677%2C%22y%22%3A-13.678969364693971%7D&mode3D=false&selectRectangleModeFree=false&selectModeFree=false&selectModeFreeReady=true&modeFixed=false&modeTree=&displayTimeRange=false&selectedTimeRangeInterval=Wed+Oct+30+2024+00%3A00%3A00+GMT%2B0100+%28Central+European+Standard+Time%29%2CThu+Oct+31+2024+23%3A59%3A59+GMT%2B0100+%28Central+European+Standard+Time%29&stixCoreObjectsTypes=&markedBy=&createdBy=&width=null&height=null&zoomed=false&keyword=&openCreatedRelation=false"},"data":{"id":"report--a31e2d0e-adbb-5781-a3ac-32ad7fdea614","spec_version":"2.1","type":"report","extensions":{"extension-definition--ea279b3e-5c71-4632-ac08-831c66a786ba":{"extension_type":"property-extension","id":"9b056e1f-7b17-433b-8173-cb607030365c","type":"Report","created_at":"2024-10-31T10:15:50.672Z","updated_at":"2024-10-31T10:17:23.571Z","is_inferred":false,"granted_refs":["identity--f29f12ba-3980-5642-9b3e-d11e9b296aed"],"creator_ids":["88ec0c6a-13ce-5e39-b486-354fe4a7084f"],"workflow_id":"6cb918f5-c382-44b7-b71e-f22a8f2edee1","labels_ids":["51432378-a23b-438e-9f39-5d6b8b0cd072"]}},"created":"2024-10-31T10:15:37.000Z","modified":"2024-10-31T10:17:23.571Z","revoked":false,"confidence":100,"lang":"en","labels":["aaa"],"name":"Report test","published":"2024-10-31T10:15:37.000Z","object_refs":["threat-actor--fd6b0e6f-96e0-568d-ba24-8a140d0428cd","malware--128e419b-42a1-55cd-a74c-74c01ec564fa","relationship--5c5eacf0-3eff-4336-815e-61bafde9ff12"]},"context":{"patch":[{"op":"add","path":"/object_refs/2","value":"relationship--5c5eacf0-3eff-4336-815e-61bafde9ff12"}],"reverse_patch":[{"op":"remove","path":"/object_refs/2"}]}}