From ec6f1c31fb394f21ef82b715e93a0c9fcb3351c6 Mon Sep 17 00:00:00 2001 From: Jim Morris <161408203+jimmorris-git@users.noreply.github.com> Date: Fri, 6 Jun 2025 14:10:05 +0930 Subject: [PATCH] Delete database/IRA 2016 FaceMusic Malware/FaceMusic Malware Skeleton.json --- .../FaceMusic Malware Skeleton.json | 569 ------------------ 1 file changed, 569 deletions(-) delete mode 100644 database/IRA 2016 FaceMusic Malware/FaceMusic Malware Skeleton.json diff --git a/database/IRA 2016 FaceMusic Malware/FaceMusic Malware Skeleton.json b/database/IRA 2016 FaceMusic Malware/FaceMusic Malware Skeleton.json deleted file mode 100644 index c08823d..0000000 --- a/database/IRA 2016 FaceMusic Malware/FaceMusic Malware Skeleton.json +++ /dev/null @@ -1,569 +0,0 @@ -{ - "type": "bundle", - "id": "bundle--109cef74-72b4-4362-a84e-1f6f9bcf2b42", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.128Z", - "modified": "2024-09-05T06:55:56.128Z", - "objects": [ - { - "type": "extension-definition", - "id": "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4", - "spec_version": "2.1", - "created": "2022-08-02T19:34:35.143Z", - "modified": "2022-08-02T19:34:35.143Z", - "name": "Attack Flow", - "description": "Extends STIX 2.1 with features to create Attack Flows.", - "created_by_ref": "identity--fb9c968a-745b-4ade-9b25-c324172197f4", - "schema": "https://center-for-threat-informed-defense.github.io/attack-flow/stix/attack-flow-schema-2.0.0.json", - "version": "2.0.0", - "extension_types": [ - "new-sdo" - ], - "external_references": [ - { - "source_name": "Documentation", - "description": "Documentation for Attack Flow", - "url": "https://center-for-threat-informed-defense.github.io/attack-flow" - }, - { - "source_name": "GitHub", - "description": "Source code repository for Attack Flow", - "url": "https://github.com/center-for-threat-informed-defense/attack-flow" - } - ] - }, - { - "type": "identity", - "id": "identity--fb9c968a-745b-4ade-9b25-c324172197f4", - "spec_version": "2.1", - "created": "2022-08-02T19:34:35.143Z", - "modified": "2022-08-02T19:34:35.143Z", - "created_by_ref": "identity--fb9c968a-745b-4ade-9b25-c324172197f4", - "name": "MITRE Engenuity Center for Threat-Informed Defense", - "identity_class": "organization" - }, - { - "type": "attack-flow", - "id": "attack-flow--aa13f359-e745-41a0-b200-bf30de63253d", - "spec_version": "2.1", - "created": "2024-06-24T15:08:11.074Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "created_by_ref": "identity--6eb3c68f-a7d6-4822-9d7a-0a7806a21cb0", - "start_refs": [ - "attack-action--bf852db6-da70-48c6-a641-f0579cf3da07", - "attack-action--c7eeeec4-d878-4909-8dae-e1ff6079c37e", - "attack-action--4a928ea6-8165-4a99-8f9f-72c7ea3247b8", - "attack-action--58f5ca11-87ac-4a47-b87c-03a8986065ad", - "attack-action--97c6550f-8b32-4e20-b854-09a515267cd1", - "attack-action--9eb4c7e4-9606-4c6f-8c40-374d828dfa2a" - ], - "name": "FaceMusic Malware Skeleton", - "scope": "incident" - }, - { - "type": "identity", - "id": "identity--6eb3c68f-a7d6-4822-9d7a-0a7806a21cb0", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.128Z", - "modified": "2024-09-05T06:55:56.128Z", - "name": "Jim Morris" - }, - { - "type": "attack-action", - "id": "attack-action--bf852db6-da70-48c6-a641-f0579cf3da07", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Search Open Websites/Domains: Social Media", - "tactic_id": "TA0043", - "tactic_ref": "x-mitre-tactic--daa4cbb1-b4f4-4723-a824-7f1efd6e0592", - "technique_id": "T1593.001", - "technique_ref": "attack-pattern--bbe5b322-e2af-4a5e-9625-a4e62bf84ed3", - "effect_refs": [ - "attack-action--035271b6-c2d3-4d0a-8afa-84b89c3ca6bc", - "attack-action--aa3541b8-5e25-4743-a9f7-52fbbfc465e2", - "attack-action--e91f859f-bffe-4a76-a7d6-ed8bc34d2545" - ] - }, - { - "type": "attack-action", - "id": "attack-action--aa3541b8-5e25-4743-a9f7-52fbbfc465e2", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Establish Accounts: Social Media Accounts", - "tactic_id": "TA0042", - "tactic_ref": "x-mitre-tactic--d679bca2-e57d-4935-8650-8031c87a4400", - "technique_id": "T1585.001", - "technique_ref": "attack-pattern--b1ccd744-3f78-4a0e-9bb2-2002057f7928", - "effect_refs": [ - "attack-action--035271b6-c2d3-4d0a-8afa-84b89c3ca6bc" - ] - }, - { - "type": "attack-action", - "id": "attack-action--c7eeeec4-d878-4909-8dae-e1ff6079c37e", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Develop Capabilities: Malware", - "tactic_id": "TA0042", - "tactic_ref": "x-mitre-tactic--d679bca2-e57d-4935-8650-8031c87a4400", - "technique_id": "T1587.001", - "technique_ref": "attack-pattern--212306d8-efa4-44c9-8c2d-ed3d2e224aa0", - "effect_refs": [ - "attack-action--6fc41abf-e6bf-4327-9a34-3cc2c8e4a76c" - ] - }, - { - "type": "attack-action", - "id": "attack-action--b21d03be-19e7-456c-b4a4-18f503bdf91b", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Compromise Accounts: Social Media Accounts", - "tactic_id": "TA0042", - "tactic_ref": "x-mitre-tactic--d679bca2-e57d-4935-8650-8031c87a4400", - "technique_id": "T1586.001", - "technique_ref": "attack-pattern--274770e0-2612-4ccf-a678-ef8e7bad365d", - "effect_refs": [ - "attack-action--035271b6-c2d3-4d0a-8afa-84b89c3ca6bc" - ] - }, - { - "type": "attack-action", - "id": "attack-action--724af0b4-e1e4-4eb8-b27c-9a82e2f00373", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Compromise Infrastructure: Botnet", - "tactic_id": "TA0042", - "tactic_ref": "x-mitre-tactic--d679bca2-e57d-4935-8650-8031c87a4400", - "technique_id": "T1584.005", - "technique_ref": "attack-pattern--810d8072-afb6-4a56-9ee7-86379ac4a6f3", - "effect_refs": [ - "attack-action--b21d03be-19e7-456c-b4a4-18f503bdf91b", - "attack-action--36909774-ba84-4574-b51e-97ec000f57b3", - "attack-action--d908bc6c-d245-47ed-bcef-9b437b7588b8" - ] - }, - { - "type": "attack-action", - "id": "attack-action--6fc41abf-e6bf-4327-9a34-3cc2c8e4a76c", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Stage Capabilities: Upload Malware", - "tactic_id": "TA0042", - "tactic_ref": "x-mitre-tactic--d679bca2-e57d-4935-8650-8031c87a4400", - "technique_id": "T1608.001", - "technique_ref": "attack-pattern--3ee16395-03f0-4690-a32e-69ce9ada0f9e", - "effect_refs": [ - "attack-action--035271b6-c2d3-4d0a-8afa-84b89c3ca6bc" - ] - }, - { - "type": "attack-action", - "id": "attack-action--36909774-ba84-4574-b51e-97ec000f57b3", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Scheduled Task/Job", - "tactic_id": "TA0002", - "tactic_ref": "x-mitre-tactic--4ca45d45-df4d-4613-8980-bac22d278fa5", - "technique_id": "T1053", - "technique_ref": "attack-pattern--35dd844a-b219-4e2b-a6bb-efa9a75995a9", - "effect_refs": [ - "attack-action--a128830e-4f25-486c-a974-851f20148f1f", - "attack-action--34740e5a-711e-41c0-9bf9-9eebd109c2f5", - "attack-action--e94f2fa4-a946-4842-be9d-2ac8a55cd0ae" - ] - }, - { - "type": "attack-action", - "id": "attack-action--035271b6-c2d3-4d0a-8afa-84b89c3ca6bc", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Drive-by Compromise", - "tactic_id": "TA0001", - "tactic_ref": "x-mitre-tactic--ffd5bcee-6e16-4dd2-8eca-7b3beedf33ca", - "technique_id": "T1189", - "technique_ref": "attack-pattern--d742a578-d70e-4d0e-96a6-02a9c30204e6", - "effect_refs": [ - "attack-action--724af0b4-e1e4-4eb8-b27c-9a82e2f00373", - "attack-action--34740e5a-711e-41c0-9bf9-9eebd109c2f5" - ] - }, - { - "type": "attack-action", - "id": "attack-action--34740e5a-711e-41c0-9bf9-9eebd109c2f5", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Browser Extensions", - "tactic_id": "TA0003", - "tactic_ref": "x-mitre-tactic--5bc1d813-693e-4823-9961-abf9af4b0e92", - "technique_id": "T1176", - "technique_ref": "attack-pattern--389735f1-f21c-4208-b8f0-f8031e7169b8", - "effect_refs": [ - "attack-action--e8b88f99-61ea-4c2e-96bb-1589e145e46a" - ] - }, - { - "type": "attack-action", - "id": "attack-action--a128830e-4f25-486c-a974-851f20148f1f", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Scheduled Task/Job", - "tactic_id": "TA0003", - "tactic_ref": "x-mitre-tactic--5bc1d813-693e-4823-9961-abf9af4b0e92", - "technique_id": "T1053", - "technique_ref": "attack-pattern--35dd844a-b219-4e2b-a6bb-efa9a75995a9", - "effect_refs": [ - "attack-action--e8b88f99-61ea-4c2e-96bb-1589e145e46a" - ] - }, - { - "type": "attack-action", - "id": "attack-action--b80fa8a2-9588-4fcc-8100-36b377bb9e00", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Divide", - "tactic_id": "TA02", - "technique_id": "T0079" - }, - { - "type": "attack-action", - "id": "attack-action--4a928ea6-8165-4a99-8f9f-72c7ea3247b8", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Determine Strategic Ends", - "tactic_id": "TA01", - "technique_id": "T0074", - "effect_refs": [ - "attack-action--b80fa8a2-9588-4fcc-8100-36b377bb9e00", - "attack-action--9ca8275f-d019-448a-8289-045a233e62a4", - "attack-action--e91f859f-bffe-4a76-a7d6-ed8bc34d2545", - "attack-action--dd155896-be40-4941-9a35-aca3d93495f0" - ] - }, - { - "type": "attack-action", - "id": "attack-action--9ca8275f-d019-448a-8289-045a233e62a4", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Distract", - "tactic_id": "TA02", - "technique_id": "T0077" - }, - { - "type": "attack-action", - "id": "attack-action--4eb0fa83-73af-4236-af00-cf95bea4b0ef", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Leverage Existing Narratives", - "tactic_id": "TA14", - "technique_id": "T0003", - "effect_refs": [ - "attack-action--a691b9b9-0fbd-4987-ab37-850ef7c58963", - "attack-operator--830ccd5d-a141-447e-a4d3-3167fd1ad6da" - ] - }, - { - "type": "attack-action", - "id": "attack-action--a691b9b9-0fbd-4987-ab37-850ef7c58963", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Generate Information Pollution", - "tactic_id": "TA06", - "technique_id": "T0019" - }, - { - "type": "attack-action", - "id": "attack-action--dd155896-be40-4941-9a35-aca3d93495f0", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Segment Audiences: Political Segmentation", - "tactic_id": "TA13", - "technique_id": "T0072.005" - }, - { - "type": "attack-action", - "id": "attack-action--8578d49e-3b36-4ae8-b370-8999d1f27ee8", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Respond to Breaking News Event or Active Crisis", - "tactic_id": "TA14", - "technique_id": "T0068", - "effect_refs": [ - "attack-action--a691b9b9-0fbd-4987-ab37-850ef7c58963", - "attack-operator--830ccd5d-a141-447e-a4d3-3167fd1ad6da" - ] - }, - { - "type": "attack-action", - "id": "attack-action--9cdc6539-f4f9-40fd-944c-2a0fec470859", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Integrate Target Audience Vulnerabilities into Narrative", - "tactic_id": "TA14", - "technique_id": "T0083", - "effect_refs": [ - "attack-action--a691b9b9-0fbd-4987-ab37-850ef7c58963", - "attack-operator--830ccd5d-a141-447e-a4d3-3167fd1ad6da" - ] - }, - { - "type": "attack-action", - "id": "attack-action--58f5ca11-87ac-4a47-b87c-03a8986065ad", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Create Inauthentic Websites", - "tactic_id": "TA15", - "technique_id": "T0013", - "effect_refs": [ - "attack-action--6fc41abf-e6bf-4327-9a34-3cc2c8e4a76c" - ] - }, - { - "type": "attack-action", - "id": "attack-action--97c6550f-8b32-4e20-b854-09a515267cd1", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Build Network: Create Community of Sub-group", - "tactic_id": "TA15", - "technique_id": "T0092.003", - "effect_refs": [ - "attack-action--aa3541b8-5e25-4743-a9f7-52fbbfc465e2" - ] - }, - { - "type": "attack-action", - "id": "attack-action--d908bc6c-d245-47ed-bcef-9b437b7588b8", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Acquire/Recruit Network: Acquire Botnets", - "tactic_id": "TA15", - "technique_id": "T0093.002", - "effect_refs": [ - "attack-action--36909774-ba84-4574-b51e-97ec000f57b3", - "attack-action--e94f2fa4-a946-4842-be9d-2ac8a55cd0ae" - ] - }, - { - "type": "attack-action", - "id": "attack-action--9eb4c7e4-9606-4c6f-8c40-374d828dfa2a", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Deliver Ads: Social Media", - "tactic_id": "TA09", - "technique_id": "T0114.001", - "effect_refs": [ - "attack-action--035271b6-c2d3-4d0a-8afa-84b89c3ca6bc" - ] - }, - { - "type": "attack-action", - "id": "attack-action--e94f2fa4-a946-4842-be9d-2ac8a55cd0ae", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Flooding the Information Space: Bots Amplify via Automated Forwarding and Reposting", - "tactic_id": "TA17", - "technique_id": "T0049.003", - "effect_refs": [ - "attack-action--e8b88f99-61ea-4c2e-96bb-1589e145e46a" - ] - }, - { - "type": "attack-action", - "id": "attack-action--e8b88f99-61ea-4c2e-96bb-1589e145e46a", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Continue to Amplify", - "tactic_id": "TA11", - "technique_id": "T0060", - "effect_refs": [ - "attack-action--36909774-ba84-4574-b51e-97ec000f57b3" - ] - }, - { - "type": "attack-action", - "id": "attack-action--e91f859f-bffe-4a76-a7d6-ed8bc34d2545", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "name": "Determine Target Audiences", - "tactic_id": "TA01", - "technique_id": "T0073", - "effect_refs": [ - "attack-action--dd155896-be40-4941-9a35-aca3d93495f0", - "attack-action--9cdc6539-f4f9-40fd-944c-2a0fec470859", - "attack-action--8578d49e-3b36-4ae8-b370-8999d1f27ee8", - "attack-action--4eb0fa83-73af-4236-af00-cf95bea4b0ef" - ] - }, - { - "type": "attack-operator", - "id": "attack-operator--830ccd5d-a141-447e-a4d3-3167fd1ad6da", - "spec_version": "2.1", - "created": "2024-09-05T06:55:56.129Z", - "modified": "2024-09-05T06:55:56.129Z", - "extensions": { - "extension-definition--fb9c968a-745b-4ade-9b25-c324172197f4": { - "extension_type": "new-sdo" - } - }, - "operator": "AND", - "effect_refs": [ - "attack-action--e94f2fa4-a946-4842-be9d-2ac8a55cd0ae", - "attack-action--aa3541b8-5e25-4743-a9f7-52fbbfc465e2" - ] - } - ] -} \ No newline at end of file