kitos/Aegis
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
513a7b488b80028473e89d74ffc92323eb33fcac
Aegis/backend/tests/fixtures/sample_stix_bundle.json

113 lines
3.3 KiB
JSON
Raw Blame History

{
"type": "bundle",
"id": "bundle--test-001",
"spec_version": "2.0",
"objects": [
{
"type": "intrusion-set",
"id": "intrusion-set--test-apt1",
"name": "APT1",
"aliases": ["Comment Crew", "Comment Panda"],
"description": "APT1 is a Chinese cyber espionage group attributed to PLA Unit 61398.",
"first_seen": "2006-06-01T00:00:00Z",
"last_seen": "2023-12-31T00:00:00Z",
"external_references": [
{
"source_name": "mitre-attack",
"url": "https://attack.mitre.org/groups/G0006/",
"external_id": "G0006"
},
{
"source_name": "Mandiant Report",
"url": "https://www.mandiant.com/resources/apt1-exposing-one-of-chinas-cyber-espionage-units",
"description": "Mandiant APT1 Report"
}
],
"created": "2017-05-31T21:31:48.664Z",
"modified": "2023-03-22T03:52:18.000Z"
},
{
"type": "intrusion-set",
"id": "intrusion-set--test-apt28",
"name": "APT28",
"aliases": ["Fancy Bear", "Sofacy", "Pawn Storm"],
"description": "APT28 is a threat group attributed to Russia's GRU military intelligence.",
"first_seen": "2004-01-01T00:00:00Z",
"last_seen": "2024-06-30T00:00:00Z",
"external_references": [
{
"source_name": "mitre-attack",
"url": "https://attack.mitre.org/groups/G0007/",
"external_id": "G0007"
}
],
"created": "2017-05-31T21:31:48.664Z",
"modified": "2024-01-15T00:00:00.000Z"
},
{
"type": "attack-pattern",
"id": "attack-pattern--test-t1566",
"name": "Phishing",
"external_references": [
{
"source_name": "mitre-attack",
"url": "https://attack.mitre.org/techniques/T1566/",
"external_id": "T1566"
}
]
},
{
"type": "attack-pattern",
"id": "attack-pattern--test-t1059",
"name": "Command and Scripting Interpreter",
"external_references": [
{
"source_name": "mitre-attack",
"url": "https://attack.mitre.org/techniques/T1059/",
"external_id": "T1059"
}
]
},
{
"type": "attack-pattern",
"id": "attack-pattern--test-t1078",
"name": "Valid Accounts",
"external_references": [
{
"source_name": "mitre-attack",
"url": "https://attack.mitre.org/techniques/T1078/",
"external_id": "T1078"
}
]
},
{
"type": "relationship",
"id": "relationship--test-r1",
"relationship_type": "uses",
"source_ref": "intrusion-set--test-apt1",
"target_ref": "attack-pattern--test-t1566"
},
{
"type": "relationship",
"id": "relationship--test-r2",
"relationship_type": "uses",
"source_ref": "intrusion-set--test-apt1",
"target_ref": "attack-pattern--test-t1059"
},
{
"type": "relationship",
"id": "relationship--test-r3",
"relationship_type": "uses",
"source_ref": "intrusion-set--test-apt28",
"target_ref": "attack-pattern--test-t1566"
},
{
"type": "relationship",
"id": "relationship--test-r4",
"relationship_type": "uses",
"source_ref": "intrusion-set--test-apt28",
"target_ref": "attack-pattern--test-t1078"
}
]
}
Reference in New Issue View Git Blame Copy Permalink