@cccsaurora/howler-ui 2.14.0-dev.257 → 2.14.0-dev.263

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1468) hide show
  1. package/Notification-BHyOHttL.js +324 -0
  2. package/README.fr.md +39 -0
  3. package/README.md +29 -0
  4. package/TuiList-D7-CH2oS.js +48 -0
  5. package/api/action/execute.d.ts +3 -0
  6. package/api/action/execute.js +5 -0
  7. package/api/action/index.d.ts +10 -0
  8. package/api/action/index.js +11 -0
  9. package/api/action/operations.d.ts +3 -0
  10. package/api/action/operations.js +5 -0
  11. package/api/analytic/comments/index.d.ts +13 -0
  12. package/api/analytic/comments/index.js +9 -0
  13. package/api/analytic/comments/react.d.ts +3 -0
  14. package/api/analytic/comments/react.js +6 -0
  15. package/api/analytic/favourite.d.ts +7 -0
  16. package/api/analytic/favourite.js +6 -0
  17. package/api/analytic/index.d.ts +12 -0
  18. package/api/analytic/index.js +12 -0
  19. package/api/analytic/notebooks/index.d.ts +10 -0
  20. package/api/analytic/notebooks/index.js +6 -0
  21. package/api/analytic/owner.d.ts +5 -0
  22. package/api/analytic/owner.js +5 -0
  23. package/api/analytic/rules.d.ts +3 -0
  24. package/api/analytic/rules.js +5 -0
  25. package/api/auth/apikey.d.ts +8 -0
  26. package/api/auth/apikey.js +6 -0
  27. package/api/auth/index.d.ts +4 -0
  28. package/api/auth/index.js +6 -0
  29. package/api/auth/login.d.ts +14 -0
  30. package/api/auth/login.js +7 -0
  31. package/api/configs/index.d.ts +3 -0
  32. package/api/configs/index.js +5 -0
  33. package/api/dossier/hit.d.ts +2 -0
  34. package/api/dossier/hit.js +4 -0
  35. package/api/dossier/index.d.ts +8 -0
  36. package/api/dossier/index.js +9 -0
  37. package/api/help.d.ts +55 -0
  38. package/api/help.js +5 -0
  39. package/api/hit/assign.d.ts +3 -0
  40. package/api/hit/assign.js +5 -0
  41. package/api/hit/comments/index.d.ts +13 -0
  42. package/api/hit/comments/index.js +9 -0
  43. package/api/hit/comments/react.d.ts +3 -0
  44. package/api/hit/comments/react.js +6 -0
  45. package/api/hit/index.d.ts +35 -0
  46. package/api/hit/index.js +12 -0
  47. package/api/hit/labels.d.ts +5 -0
  48. package/api/hit/labels.js +6 -0
  49. package/api/hit/overwrite.d.ts +3 -0
  50. package/api/hit/overwrite.js +5 -0
  51. package/api/hit/transition.d.ts +4 -0
  52. package/api/hit/transition.js +5 -0
  53. package/api/index.d.ts +142 -0
  54. package/api/index.js +21 -0
  55. package/api/notebook/environments.d.ts +10 -0
  56. package/api/notebook/environments.js +5 -0
  57. package/api/notebook/index.d.ts +14 -0
  58. package/api/notebook/index.js +6 -0
  59. package/api/overview/index.d.ts +6 -0
  60. package/api/overview/index.js +8 -0
  61. package/api/search/action.d.ts +4 -0
  62. package/api/search/action.js +5 -0
  63. package/api/search/analytic.d.ts +4 -0
  64. package/api/search/analytic.js +5 -0
  65. package/api/search/count/hit.d.ts +3 -0
  66. package/api/search/count/hit.js +5 -0
  67. package/api/search/count/index.d.ts +10 -0
  68. package/api/search/count/index.js +5 -0
  69. package/api/search/dossier.d.ts +4 -0
  70. package/api/search/dossier.js +5 -0
  71. package/api/search/eql/hit.d.ts +4 -0
  72. package/api/search/eql/hit.js +5 -0
  73. package/api/search/facet/hit.d.ts +5 -0
  74. package/api/search/facet/hit.js +5 -0
  75. package/api/search/facet/index.d.ts +13 -0
  76. package/api/search/facet/index.js +5 -0
  77. package/api/search/fields/hit.d.ts +3 -0
  78. package/api/search/fields/hit.js +5 -0
  79. package/api/search/fields/index.d.ts +19 -0
  80. package/api/search/fields/index.js +8 -0
  81. package/api/search/fields/user.d.ts +3 -0
  82. package/api/search/fields/user.js +5 -0
  83. package/api/search/grouped/hit.d.ts +4 -0
  84. package/api/search/grouped/hit.js +5 -0
  85. package/api/search/grouped/index.d.ts +25 -0
  86. package/api/search/grouped/index.js +6 -0
  87. package/api/search/grouped/user.d.ts +7 -0
  88. package/api/search/grouped/user.js +5 -0
  89. package/api/search/histogram/hit.d.ts +3 -0
  90. package/api/search/histogram/hit.js +5 -0
  91. package/api/search/histogram/index.d.ts +14 -0
  92. package/api/search/histogram/index.js +5 -0
  93. package/api/search/hit.d.ts +7 -0
  94. package/api/search/hit.js +7 -0
  95. package/api/search/index.d.ts +53 -0
  96. package/api/search/index.js +17 -0
  97. package/api/search/overview.d.ts +4 -0
  98. package/api/search/overview.js +5 -0
  99. package/api/search/sigma/hit.d.ts +4 -0
  100. package/api/search/sigma/hit.js +5 -0
  101. package/api/search/template.d.ts +4 -0
  102. package/api/search/template.js +5 -0
  103. package/api/search/user.d.ts +7 -0
  104. package/api/search/user.js +5 -0
  105. package/api/search/view.d.ts +4 -0
  106. package/api/search/view.js +5 -0
  107. package/api/template/index.d.ts +6 -0
  108. package/api/template/index.js +8 -0
  109. package/api/user/avatar/index.d.ts +2 -0
  110. package/api/user/avatar/index.js +5 -0
  111. package/api/user/groups.d.ts +6 -0
  112. package/api/user/groups.js +5 -0
  113. package/api/user/index.d.ts +10 -0
  114. package/api/user/index.js +9 -0
  115. package/api/user/whoami.d.ts +3 -0
  116. package/api/user/whoami.js +5 -0
  117. package/api/view/favourite.d.ts +7 -0
  118. package/api/view/favourite.js +6 -0
  119. package/api/view/index.d.ts +8 -0
  120. package/api/view/index.js +9 -0
  121. package/assets/howler-ui.css +21 -0
  122. package/branding/AppBrand.d.ts +85 -0
  123. package/branding/AppBrand.js +135 -0
  124. package/commons/components/app/AppConfigs.d.ts +137 -0
  125. package/commons/components/app/AppConfigs.js +1 -0
  126. package/commons/components/app/AppConstants.d.ts +10 -0
  127. package/commons/components/app/AppConstants.js +14 -0
  128. package/commons/components/app/AppContexts.d.ts +105 -0
  129. package/commons/components/app/AppContexts.js +23 -0
  130. package/commons/components/app/AppDefaults.d.ts +6 -0
  131. package/commons/components/app/AppDefaults.js +42 -0
  132. package/commons/components/app/AppNotificationService.d.ts +6 -0
  133. package/commons/components/app/AppNotificationService.js +1 -0
  134. package/commons/components/app/AppProvider.d.ts +15 -0
  135. package/commons/components/app/AppProvider.js +44 -0
  136. package/commons/components/app/AppSearchService.d.ts +21 -0
  137. package/commons/components/app/AppSearchService.js +1 -0
  138. package/commons/components/app/AppSkeleton.d.ts +5 -0
  139. package/commons/components/app/AppSkeleton.js +259 -0
  140. package/commons/components/app/AppUserService.d.ts +17 -0
  141. package/commons/components/app/AppUserService.js +1 -0
  142. package/commons/components/app/hooks/index.d.ts +18 -0
  143. package/commons/components/app/hooks/index.js +40 -0
  144. package/commons/components/app/hooks/useApp.d.ts +1 -0
  145. package/commons/components/app/hooks/useApp.js +8 -0
  146. package/commons/components/app/hooks/useAppBanner.d.ts +1 -0
  147. package/commons/components/app/hooks/useAppBanner.js +14 -0
  148. package/commons/components/app/hooks/useAppBar.d.ts +1 -0
  149. package/commons/components/app/hooks/useAppBar.js +8 -0
  150. package/commons/components/app/hooks/useAppBarHeight.d.ts +2 -0
  151. package/commons/components/app/hooks/useAppBarHeight.js +26 -0
  152. package/commons/components/app/hooks/useAppBarScrollTrigger.d.ts +1 -0
  153. package/commons/components/app/hooks/useAppBarScrollTrigger.js +10 -0
  154. package/commons/components/app/hooks/useAppBreadcrumbs.d.ts +1 -0
  155. package/commons/components/app/hooks/useAppBreadcrumbs.js +8 -0
  156. package/commons/components/app/hooks/useAppConfigs.d.ts +59 -0
  157. package/commons/components/app/hooks/useAppConfigs.js +39 -0
  158. package/commons/components/app/hooks/useAppLanguage.d.ts +6 -0
  159. package/commons/components/app/hooks/useAppLanguage.js +23 -0
  160. package/commons/components/app/hooks/useAppLayout.d.ts +1 -0
  161. package/commons/components/app/hooks/useAppLayout.js +8 -0
  162. package/commons/components/app/hooks/useAppLeftNav.d.ts +1 -0
  163. package/commons/components/app/hooks/useAppLeftNav.js +8 -0
  164. package/commons/components/app/hooks/useAppLogo.d.ts +1 -0
  165. package/commons/components/app/hooks/useAppLogo.js +11 -0
  166. package/commons/components/app/hooks/useAppNotification.d.ts +1 -0
  167. package/commons/components/app/hooks/useAppNotification.js +8 -0
  168. package/commons/components/app/hooks/useAppQuickSearch.d.ts +1 -0
  169. package/commons/components/app/hooks/useAppQuickSearch.js +8 -0
  170. package/commons/components/app/hooks/useAppSearchService.d.ts +2 -0
  171. package/commons/components/app/hooks/useAppSearchService.js +8 -0
  172. package/commons/components/app/hooks/useAppSitemap.d.ts +13 -0
  173. package/commons/components/app/hooks/useAppSitemap.js +60 -0
  174. package/commons/components/app/hooks/useAppSwitcher.d.ts +1 -0
  175. package/commons/components/app/hooks/useAppSwitcher.js +8 -0
  176. package/commons/components/app/hooks/useAppTheme.d.ts +8 -0
  177. package/commons/components/app/hooks/useAppTheme.js +20 -0
  178. package/commons/components/app/hooks/useAppUser.d.ts +2 -0
  179. package/commons/components/app/hooks/useAppUser.js +8 -0
  180. package/commons/components/app/providers/AppBarProvider.d.ts +10 -0
  181. package/commons/components/app/providers/AppBarProvider.js +35 -0
  182. package/commons/components/app/providers/AppBreadcrumbsProvider.d.ts +6 -0
  183. package/commons/components/app/providers/AppBreadcrumbsProvider.js +41 -0
  184. package/commons/components/app/providers/AppLayoutProvider.d.ts +6 -0
  185. package/commons/components/app/providers/AppLayoutProvider.js +95 -0
  186. package/commons/components/app/providers/AppLeftNavProvider.d.ts +6 -0
  187. package/commons/components/app/providers/AppLeftNavProvider.js +29 -0
  188. package/commons/components/app/providers/AppNotificationProvider.d.ts +6 -0
  189. package/commons/components/app/providers/AppNotificationProvider.js +33 -0
  190. package/commons/components/app/providers/AppQuickSearchProvider.d.ts +8 -0
  191. package/commons/components/app/providers/AppQuickSearchProvider.js +26 -0
  192. package/commons/components/app/providers/AppSearchServiceProvider.d.ts +6 -0
  193. package/commons/components/app/providers/AppSearchServiceProvider.js +49 -0
  194. package/commons/components/app/providers/AppSnackbarProvider.d.ts +3 -0
  195. package/commons/components/app/providers/AppSnackbarProvider.js +14 -0
  196. package/commons/components/app/providers/AppSwitcherProvider.d.ts +6 -0
  197. package/commons/components/app/providers/AppSwitcherProvider.js +15 -0
  198. package/commons/components/app/providers/AppUserProvider.d.ts +8 -0
  199. package/commons/components/app/providers/AppUserProvider.js +18 -0
  200. package/commons/components/breadcrumbs/BreadcrumbIcon.d.ts +6 -0
  201. package/commons/components/breadcrumbs/BreadcrumbIcon.js +16 -0
  202. package/commons/components/breadcrumbs/BreadcrumbLastItem.d.ts +7 -0
  203. package/commons/components/breadcrumbs/BreadcrumbLastItem.js +40 -0
  204. package/commons/components/breadcrumbs/BreadcrumbLinkItem.d.ts +7 -0
  205. package/commons/components/breadcrumbs/BreadcrumbLinkItem.js +44 -0
  206. package/commons/components/breadcrumbs/BreadcrumbList.d.ts +11 -0
  207. package/commons/components/breadcrumbs/BreadcrumbList.js +74 -0
  208. package/commons/components/breadcrumbs/Breadcrumbs.d.ts +4 -0
  209. package/commons/components/breadcrumbs/Breadcrumbs.js +45 -0
  210. package/commons/components/display/AppAvatar.d.ts +8 -0
  211. package/commons/components/display/AppAvatar.js +28 -0
  212. package/commons/components/display/AppInfoPanel.d.ts +5 -0
  213. package/commons/components/display/AppInfoPanel.js +33 -0
  214. package/commons/components/display/AppListEmpty.d.ts +2 -0
  215. package/commons/components/display/AppListEmpty.js +8 -0
  216. package/commons/components/display/AppToc.d.ts +19 -0
  217. package/commons/components/display/AppToc.js +116 -0
  218. package/commons/components/display/hooks/useAppColor.d.ts +5 -0
  219. package/commons/components/display/hooks/useAppColor.js +15 -0
  220. package/commons/components/leftnav/LeftNavDrawer.d.ts +2 -0
  221. package/commons/components/leftnav/LeftNavDrawer.js +141 -0
  222. package/commons/components/leftnav/LeftNavGroup.d.ts +7 -0
  223. package/commons/components/leftnav/LeftNavGroup.js +125 -0
  224. package/commons/components/leftnav/LeftNavItem.d.ts +10 -0
  225. package/commons/components/leftnav/LeftNavItem.js +50 -0
  226. package/commons/components/notification/FeedModels.d.ts +64 -0
  227. package/commons/components/notification/FeedModels.js +91 -0
  228. package/commons/components/notification/Notification.d.ts +10 -0
  229. package/commons/components/notification/Notification.js +8 -0
  230. package/commons/components/notification/elements/NotificationCloseButton.d.ts +3 -0
  231. package/commons/components/notification/elements/NotificationCloseButton.js +8 -0
  232. package/commons/components/notification/elements/NotificationContainer.d.ts +16 -0
  233. package/commons/components/notification/elements/NotificationContainer.js +10 -0
  234. package/commons/components/notification/elements/NotificationEndOfPage.d.ts +5 -0
  235. package/commons/components/notification/elements/NotificationEndOfPage.js +41 -0
  236. package/commons/components/notification/elements/NotificationError.d.ts +2 -0
  237. package/commons/components/notification/elements/NotificationError.js +27 -0
  238. package/commons/components/notification/elements/NotificationHeader.d.ts +8 -0
  239. package/commons/components/notification/elements/NotificationHeader.js +41 -0
  240. package/commons/components/notification/elements/NotificationItems.d.ts +12 -0
  241. package/commons/components/notification/elements/NotificationItems.js +10 -0
  242. package/commons/components/notification/elements/NotificationSkeleton.d.ts +2 -0
  243. package/commons/components/notification/elements/NotificationSkeleton.js +54 -0
  244. package/commons/components/notification/elements/NotificationTopNavButton.d.ts +9 -0
  245. package/commons/components/notification/elements/NotificationTopNavButton.js +14 -0
  246. package/commons/components/notification/elements/item/NotificationItem.d.ts +5 -0
  247. package/commons/components/notification/elements/item/NotificationItem.js +10 -0
  248. package/commons/components/notification/elements/item/NotificationItemAuthor.d.ts +5 -0
  249. package/commons/components/notification/elements/item/NotificationItemAuthor.js +63 -0
  250. package/commons/components/notification/elements/item/NotificationItemContent.d.ts +3 -0
  251. package/commons/components/notification/elements/item/NotificationItemContent.js +9 -0
  252. package/commons/components/notification/elements/item/NotificationItemDate.d.ts +3 -0
  253. package/commons/components/notification/elements/item/NotificationItemDate.js +9 -0
  254. package/commons/components/notification/elements/item/NotificationItemImage.d.ts +4 -0
  255. package/commons/components/notification/elements/item/NotificationItemImage.js +20 -0
  256. package/commons/components/notification/elements/item/NotificationItemTag.d.ts +4 -0
  257. package/commons/components/notification/elements/item/NotificationItemTag.js +16 -0
  258. package/commons/components/notification/elements/item/NotificationItemTitle.d.ts +3 -0
  259. package/commons/components/notification/elements/item/NotificationItemTitle.js +8 -0
  260. package/commons/components/notification/index.d.ts +2 -0
  261. package/commons/components/notification/index.js +13 -0
  262. package/commons/components/pages/PageCardCentered.d.ts +5 -0
  263. package/commons/components/pages/PageCardCentered.js +35 -0
  264. package/commons/components/pages/PageCenter.d.ts +8 -0
  265. package/commons/components/pages/PageCenter.js +39 -0
  266. package/commons/components/pages/PageContent.d.ts +7 -0
  267. package/commons/components/pages/PageContent.js +11 -0
  268. package/commons/components/pages/PageFullScreen.d.ts +10 -0
  269. package/commons/components/pages/PageFullScreen.js +57 -0
  270. package/commons/components/pages/PageFullWidth.d.ts +11 -0
  271. package/commons/components/pages/PageFullWidth.js +18 -0
  272. package/commons/components/pages/PageHeader.d.ts +23 -0
  273. package/commons/components/pages/PageHeader.js +83 -0
  274. package/commons/components/pages/hooks/usePageProps.d.ts +24 -0
  275. package/commons/components/pages/hooks/usePageProps.js +28 -0
  276. package/commons/components/search/AppSearch.d.ts +1 -0
  277. package/commons/components/search/AppSearch.js +211 -0
  278. package/commons/components/search/AppSearchInput.d.ts +11 -0
  279. package/commons/components/search/AppSearchInput.js +68 -0
  280. package/commons/components/search/AppSearchResult.d.ts +4 -0
  281. package/commons/components/search/AppSearchResult.js +43 -0
  282. package/commons/components/topnav/AppBar.d.ts +5 -0
  283. package/commons/components/topnav/AppBar.js +119 -0
  284. package/commons/components/topnav/AppName.d.ts +4 -0
  285. package/commons/components/topnav/AppName.js +52 -0
  286. package/commons/components/topnav/AppSwitcher.d.ts +2 -0
  287. package/commons/components/topnav/AppSwitcher.js +76 -0
  288. package/commons/components/topnav/Notifications.d.ts +2 -0
  289. package/commons/components/topnav/Notifications.js +19 -0
  290. package/commons/components/topnav/ThemeSelection.d.ts +2 -0
  291. package/commons/components/topnav/ThemeSelection.js +89 -0
  292. package/commons/components/topnav/ThemeSelectionIcon.d.ts +2 -0
  293. package/commons/components/topnav/ThemeSelectionIcon.js +31 -0
  294. package/commons/components/topnav/UserProfile.d.ts +5 -0
  295. package/commons/components/topnav/UserProfile.js +144 -0
  296. package/commons/components/utils/hooks/useClipboard.d.ts +3 -0
  297. package/commons/components/utils/hooks/useClipboard.js +31 -0
  298. package/commons/components/utils/hooks/useEnv.d.ts +1 -0
  299. package/commons/components/utils/hooks/useEnv.js +14 -0
  300. package/commons/components/utils/hooks/useFullscreenStatus.d.ts +2 -0
  301. package/commons/components/utils/hooks/useFullscreenStatus.js +37 -0
  302. package/commons/components/utils/hooks/useGravatar.d.ts +2 -0
  303. package/commons/components/utils/hooks/useGravatar.js +11 -0
  304. package/commons/components/utils/hooks/useLocalStorage.d.ts +12 -0
  305. package/commons/components/utils/hooks/useLocalStorage.js +50 -0
  306. package/commons/components/utils/hooks/useLocalStorageItem.d.ts +14 -0
  307. package/commons/components/utils/hooks/useLocalStorageItem.js +31 -0
  308. package/commons/components/utils/hooks/useThemeBuilder.d.ts +7 -0
  309. package/commons/components/utils/hooks/useThemeBuilder.js +61 -0
  310. package/commons/components/utils/keyboard.d.ts +30 -0
  311. package/commons/components/utils/keyboard.js +70 -0
  312. package/components/app/App.d.ts +3 -0
  313. package/components/app/App.js +342 -0
  314. package/components/app/AppContainer.d.ts +3 -0
  315. package/components/app/AppContainer.js +12 -0
  316. package/components/app/drawers/ApiKeyDrawer.d.ts +6 -0
  317. package/components/app/drawers/ApiKeyDrawer.js +143 -0
  318. package/components/app/drawers/AppDrawerType.d.ts +6 -0
  319. package/components/app/drawers/AppDrawerType.js +1 -0
  320. package/components/app/drawers/AssignUserDrawer.d.ts +9 -0
  321. package/components/app/drawers/AssignUserDrawer.js +104 -0
  322. package/components/app/drawers/ViewGroupsDrawer.d.ts +7 -0
  323. package/components/app/drawers/ViewGroupsDrawer.js +11 -0
  324. package/components/app/hooks/useMatchers.d.ts +9 -0
  325. package/components/app/hooks/useMatchers.js +84 -0
  326. package/components/app/hooks/useTitle.d.ts +2 -0
  327. package/components/app/hooks/useTitle.js +64 -0
  328. package/components/app/providers/AnalyticProvider.d.ts +10 -0
  329. package/components/app/providers/AnalyticProvider.js +63 -0
  330. package/components/app/providers/ApiConfigProvider.d.ts +9 -0
  331. package/components/app/providers/ApiConfigProvider.js +24 -0
  332. package/components/app/providers/AppDrawerProvider.d.ts +10 -0
  333. package/components/app/providers/AppDrawerProvider.js +38 -0
  334. package/components/app/providers/AvatarProvider.d.ts +7 -0
  335. package/components/app/providers/AvatarProvider.js +32 -0
  336. package/components/app/providers/CustomPluginProvider.d.ts +3 -0
  337. package/components/app/providers/CustomPluginProvider.js +16 -0
  338. package/components/app/providers/FavouritesProvider.d.ts +4 -0
  339. package/components/app/providers/FavouritesProvider.js +136 -0
  340. package/components/app/providers/FieldProvider.d.ts +9 -0
  341. package/components/app/providers/FieldProvider.js +22 -0
  342. package/components/app/providers/HitProvider.d.ts +22 -0
  343. package/components/app/providers/HitProvider.js +103 -0
  344. package/components/app/providers/HitSearchProvider.d.ts +27 -0
  345. package/components/app/providers/HitSearchProvider.js +188 -0
  346. package/components/app/providers/LocalStorageProvider.d.ts +13 -0
  347. package/components/app/providers/LocalStorageProvider.js +49 -0
  348. package/components/app/providers/ModalProvider.d.ts +16 -0
  349. package/components/app/providers/ModalProvider.js +34 -0
  350. package/components/app/providers/OverviewProvider.d.ts +13 -0
  351. package/components/app/providers/OverviewProvider.js +68 -0
  352. package/components/app/providers/ParameterProvider.d.ts +26 -0
  353. package/components/app/providers/ParameterProvider.js +166 -0
  354. package/components/app/providers/SocketProvider.d.ts +57 -0
  355. package/components/app/providers/SocketProvider.js +175 -0
  356. package/components/app/providers/UserListProvider.d.ts +12 -0
  357. package/components/app/providers/UserListProvider.js +40 -0
  358. package/components/app/providers/ViewProvider.d.ts +23 -0
  359. package/components/app/providers/ViewProvider.js +163 -0
  360. package/components/elements/Comment.d.ts +17 -0
  361. package/components/elements/Comment.js +258 -0
  362. package/components/elements/EditRow.d.ts +14 -0
  363. package/components/elements/EditRow.js +208 -0
  364. package/components/elements/PluginChip.d.ts +9 -0
  365. package/components/elements/PluginChip.js +24 -0
  366. package/components/elements/PluginTypography.d.ts +9 -0
  367. package/components/elements/PluginTypography.js +24 -0
  368. package/components/elements/ThemedEditor.d.ts +3 -0
  369. package/components/elements/ThemedEditor.js +119 -0
  370. package/components/elements/UserList.d.ts +9 -0
  371. package/components/elements/UserList.js +67 -0
  372. package/components/elements/addons/buttons/CustomButton.d.ts +12 -0
  373. package/components/elements/addons/buttons/CustomButton.js +59 -0
  374. package/components/elements/addons/buttons/CustomIconButton.d.ts +15 -0
  375. package/components/elements/addons/buttons/CustomIconButton.js +81 -0
  376. package/components/elements/addons/buttons/index.d.ts +3 -0
  377. package/components/elements/addons/buttons/index.js +8 -0
  378. package/components/elements/addons/layout/FlexOne.d.ts +4 -0
  379. package/components/elements/addons/layout/FlexOne.js +9 -0
  380. package/components/elements/addons/layout/FlexPort.d.ts +12 -0
  381. package/components/elements/addons/layout/FlexPort.js +32 -0
  382. package/components/elements/addons/layout/FlexVertical.d.ts +8 -0
  383. package/components/elements/addons/layout/FlexVertical.js +23 -0
  384. package/components/elements/addons/layout/vsbox/VSBox.d.ts +16 -0
  385. package/components/elements/addons/layout/vsbox/VSBox.js +31 -0
  386. package/components/elements/addons/layout/vsbox/VSBoxContent.d.ts +4 -0
  387. package/components/elements/addons/layout/vsbox/VSBoxContent.js +8 -0
  388. package/components/elements/addons/layout/vsbox/VSBoxElement.d.ts +8 -0
  389. package/components/elements/addons/layout/vsbox/VSBoxElement.js +33 -0
  390. package/components/elements/addons/layout/vsbox/VSBoxHeader.d.ts +5 -0
  391. package/components/elements/addons/layout/vsbox/VSBoxHeader.js +36 -0
  392. package/components/elements/addons/lists/TuiList.d.ts +8 -0
  393. package/components/elements/addons/lists/TuiList.js +8 -0
  394. package/components/elements/addons/lists/TuiListBase.d.ts +10 -0
  395. package/components/elements/addons/lists/TuiListBase.js +82 -0
  396. package/components/elements/addons/lists/TuiListElement.d.ts +9 -0
  397. package/components/elements/addons/lists/TuiListElement.js +8 -0
  398. package/components/elements/addons/lists/TuiListMenu.d.ts +49 -0
  399. package/components/elements/addons/lists/TuiListMenu.js +45 -0
  400. package/components/elements/addons/lists/TuiListProvider.d.ts +22 -0
  401. package/components/elements/addons/lists/TuiListProvider.js +125 -0
  402. package/components/elements/addons/lists/hooks/useTuiListKeyboard.d.ts +5 -0
  403. package/components/elements/addons/lists/hooks/useTuiListKeyboard.js +43 -0
  404. package/components/elements/addons/lists/index.d.ts +19 -0
  405. package/components/elements/addons/lists/index.js +7 -0
  406. package/components/elements/addons/lists/table/TuiTable.d.ts +14 -0
  407. package/components/elements/addons/lists/table/TuiTable.js +114 -0
  408. package/components/elements/addons/lists/table/TuiTableBody.d.ts +14 -0
  409. package/components/elements/addons/lists/table/TuiTableBody.js +47 -0
  410. package/components/elements/addons/lists/table/TuiTableHead.d.ts +8 -0
  411. package/components/elements/addons/lists/table/TuiTableHead.js +21 -0
  412. package/components/elements/addons/lists/table/TuiTableHeader.d.ts +6 -0
  413. package/components/elements/addons/lists/table/TuiTableHeader.js +11 -0
  414. package/components/elements/addons/lists/table/TuiTableLayout.d.ts +12 -0
  415. package/components/elements/addons/lists/table/TuiTableLayout.js +47 -0
  416. package/components/elements/addons/lists/table/index.d.ts +15 -0
  417. package/components/elements/addons/lists/table/index.js +4 -0
  418. package/components/elements/addons/search/SearchPagination.d.ts +9 -0
  419. package/components/elements/addons/search/SearchPagination.js +17 -0
  420. package/components/elements/addons/search/SearchTotal.d.ts +8 -0
  421. package/components/elements/addons/search/SearchTotal.js +27 -0
  422. package/components/elements/addons/search/phrase/Phrase.d.ts +19 -0
  423. package/components/elements/addons/search/phrase/Phrase.js +137 -0
  424. package/components/elements/addons/search/phrase/PhraseConsumer.d.ts +13 -0
  425. package/components/elements/addons/search/phrase/PhraseConsumer.js +30 -0
  426. package/components/elements/addons/search/phrase/PhraseLexer.d.ts +26 -0
  427. package/components/elements/addons/search/phrase/PhraseLexer.js +121 -0
  428. package/components/elements/addons/search/phrase/index.d.ts +40 -0
  429. package/components/elements/addons/search/phrase/index.js +49 -0
  430. package/components/elements/addons/search/phrase/word/WordLexer.d.ts +5 -0
  431. package/components/elements/addons/search/phrase/word/WordLexer.js +11 -0
  432. package/components/elements/addons/search/phrase/word/WordSuggester.d.ts +6 -0
  433. package/components/elements/addons/search/phrase/word/WordSuggester.js +11 -0
  434. package/components/elements/addons/search/phrase/word/consumers/WhitespaceConsumer.d.ts +7 -0
  435. package/components/elements/addons/search/phrase/word/consumers/WhitespaceConsumer.js +20 -0
  436. package/components/elements/addons/search/phrase/word/consumers/WordConsumer.d.ts +7 -0
  437. package/components/elements/addons/search/phrase/word/consumers/WordConsumer.js +20 -0
  438. package/components/elements/display/ActionButton.d.ts +8 -0
  439. package/components/elements/display/ActionButton.js +36 -0
  440. package/components/elements/display/Classification.d.ts +3 -0
  441. package/components/elements/display/Classification.js +31 -0
  442. package/components/elements/display/DocumentationButton.d.ts +3 -0
  443. package/components/elements/display/DocumentationButton.js +36 -0
  444. package/components/elements/display/DynamicTabs.d.ts +8 -0
  445. package/components/elements/display/DynamicTabs.js +26 -0
  446. package/components/elements/display/HandlebarsMarkdown.d.ts +9 -0
  447. package/components/elements/display/HandlebarsMarkdown.js +77 -0
  448. package/components/elements/display/HowlerAvatar.d.ts +6 -0
  449. package/components/elements/display/HowlerAvatar.js +53 -0
  450. package/components/elements/display/HowlerAvatarHeader.d.ts +6 -0
  451. package/components/elements/display/HowlerAvatarHeader.js +30 -0
  452. package/components/elements/display/HowlerCard.d.ts +3 -0
  453. package/components/elements/display/HowlerCard.js +8 -0
  454. package/components/elements/display/Image.d.ts +3 -0
  455. package/components/elements/display/Image.js +45 -0
  456. package/components/elements/display/ItemManager.d.ts +25 -0
  457. package/components/elements/display/ItemManager.js +119 -0
  458. package/components/elements/display/Markdown.d.ts +10 -0
  459. package/components/elements/display/Markdown.js +156 -0
  460. package/components/elements/display/Modal.d.ts +3 -0
  461. package/components/elements/display/Modal.js +39 -0
  462. package/components/elements/display/Notebook.d.ts +4 -0
  463. package/components/elements/display/Notebook.js +9 -0
  464. package/components/elements/display/QueryResultText.d.ts +6 -0
  465. package/components/elements/display/QueryResultText.js +28 -0
  466. package/components/elements/display/TextDivider.d.ts +3 -0
  467. package/components/elements/display/TextDivider.js +42 -0
  468. package/components/elements/display/TypingIndicator.d.ts +2 -0
  469. package/components/elements/display/TypingIndicator.js +44 -0
  470. package/components/elements/display/UserPageWrapper.d.ts +6 -0
  471. package/components/elements/display/UserPageWrapper.js +11 -0
  472. package/components/elements/display/features/DevelopmentBanner.d.ts +3 -0
  473. package/components/elements/display/features/DevelopmentBanner.js +19 -0
  474. package/components/elements/display/features/DevelopmentIcon.d.ts +3 -0
  475. package/components/elements/display/features/DevelopmentIcon.js +17 -0
  476. package/components/elements/display/handlebars/helpers.d.ts +12 -0
  477. package/components/elements/display/handlebars/helpers.js +229 -0
  478. package/components/elements/display/icons/BundleButton.d.ts +6 -0
  479. package/components/elements/display/icons/BundleButton.js +70 -0
  480. package/components/elements/display/icons/Iconified.d.ts +9 -0
  481. package/components/elements/display/icons/Iconified.js +14 -0
  482. package/components/elements/display/icons/SocketBadge.d.ts +5 -0
  483. package/components/elements/display/icons/SocketBadge.js +79 -0
  484. package/components/elements/display/json/JSONViewer.d.ts +8 -0
  485. package/components/elements/display/json/JSONViewer.js +86 -0
  486. package/components/elements/display/markdownPlugins/tabs.d.ts +3 -0
  487. package/components/elements/display/markdownPlugins/tabs.js +66 -0
  488. package/components/elements/display/modals/ConfirmDeleteModal.d.ts +5 -0
  489. package/components/elements/display/modals/ConfirmDeleteModal.js +24 -0
  490. package/components/elements/display/modals/ConfirmNotebookModal.d.ts +5 -0
  491. package/components/elements/display/modals/ConfirmNotebookModal.js +24 -0
  492. package/components/elements/display/modals/CreateActionModal.d.ts +5 -0
  493. package/components/elements/display/modals/CreateActionModal.js +54 -0
  494. package/components/elements/display/modals/LoginErrorModal.d.ts +5 -0
  495. package/components/elements/display/modals/LoginErrorModal.js +24 -0
  496. package/components/elements/display/modals/RationaleModal.d.ts +5 -0
  497. package/components/elements/display/modals/RationaleModal.js +50 -0
  498. package/components/elements/hit/HitActions.d.ts +6 -0
  499. package/components/elements/hit/HitActions.js +255 -0
  500. package/components/elements/hit/HitBanner.d.ts +15 -0
  501. package/components/elements/hit/HitBanner.js +330 -0
  502. package/components/elements/hit/HitBannerTooltip.d.ts +6 -0
  503. package/components/elements/hit/HitBannerTooltip.js +39 -0
  504. package/components/elements/hit/HitCard.d.ts +7 -0
  505. package/components/elements/hit/HitCard.js +33 -0
  506. package/components/elements/hit/HitComments.d.ts +11 -0
  507. package/components/elements/hit/HitComments.js +280 -0
  508. package/components/elements/hit/HitDetails.d.ts +5 -0
  509. package/components/elements/hit/HitDetails.js +238 -0
  510. package/components/elements/hit/HitLabels.d.ts +6 -0
  511. package/components/elements/hit/HitLabels.js +210 -0
  512. package/components/elements/hit/HitLayout.d.ts +5 -0
  513. package/components/elements/hit/HitLayout.js +9 -0
  514. package/components/elements/hit/HitNotebooks.d.ts +8 -0
  515. package/components/elements/hit/HitNotebooks.js +213 -0
  516. package/components/elements/hit/HitOutline.d.ts +9 -0
  517. package/components/elements/hit/HitOutline.js +43 -0
  518. package/components/elements/hit/HitOverview.d.ts +6 -0
  519. package/components/elements/hit/HitOverview.js +35 -0
  520. package/components/elements/hit/HitQuickSearch.d.ts +8 -0
  521. package/components/elements/hit/HitQuickSearch.js +118 -0
  522. package/components/elements/hit/HitRelated.d.ts +6 -0
  523. package/components/elements/hit/HitRelated.js +10 -0
  524. package/components/elements/hit/HitShortcuts.d.ts +5 -0
  525. package/components/elements/hit/HitShortcuts.js +9 -0
  526. package/components/elements/hit/HitSummary.d.ts +11 -0
  527. package/components/elements/hit/HitSummary.js +234 -0
  528. package/components/elements/hit/HitWorklog.d.ts +10 -0
  529. package/components/elements/hit/HitWorklog.js +163 -0
  530. package/components/elements/hit/actions/ButtonActions.d.ts +12 -0
  531. package/components/elements/hit/actions/ButtonActions.js +215 -0
  532. package/components/elements/hit/actions/DropdownActions.d.ts +12 -0
  533. package/components/elements/hit/actions/DropdownActions.js +98 -0
  534. package/components/elements/hit/actions/SharedComponents.d.ts +18 -0
  535. package/components/elements/hit/actions/SharedComponents.js +27 -0
  536. package/components/elements/hit/aggregate/HitGraph.d.ts +5 -0
  537. package/components/elements/hit/aggregate/HitGraph.js +321 -0
  538. package/components/elements/hit/elements/Assigned.d.ts +9 -0
  539. package/components/elements/hit/elements/Assigned.js +65 -0
  540. package/components/elements/hit/elements/EscalationChip.d.ts +9 -0
  541. package/components/elements/hit/elements/EscalationChip.js +24 -0
  542. package/components/elements/hit/elements/HitTimestamp.d.ts +8 -0
  543. package/components/elements/hit/elements/HitTimestamp.js +73 -0
  544. package/components/elements/hit/outlines/DefaultOutline.d.ts +12 -0
  545. package/components/elements/hit/outlines/DefaultOutline.js +77 -0
  546. package/components/elements/hit/outlines/al/AssemblyLineRules.d.ts +5 -0
  547. package/components/elements/hit/outlines/al/AssemblyLineRules.js +87 -0
  548. package/components/elements/hit/related/PivotLink.d.ts +10 -0
  549. package/components/elements/hit/related/PivotLink.js +49 -0
  550. package/components/elements/hit/related/RelatedIcon.d.ts +8 -0
  551. package/components/elements/hit/related/RelatedIcon.js +50 -0
  552. package/components/elements/hit/related/RelatedLink.d.ts +8 -0
  553. package/components/elements/hit/related/RelatedLink.js +42 -0
  554. package/components/elements/view/ViewTitle.d.ts +10 -0
  555. package/components/elements/view/ViewTitle.js +45 -0
  556. package/components/hooks/useHitActions.d.ts +14 -0
  557. package/components/hooks/useHitActions.js +229 -0
  558. package/components/hooks/useHitSelection.d.ts +8 -0
  559. package/components/hooks/useHitSelection.js +86 -0
  560. package/components/hooks/useMyApi.d.ts +10 -0
  561. package/components/hooks/useMyApi.js +49 -0
  562. package/components/hooks/useMyChart.d.ts +275 -0
  563. package/components/hooks/useMyChart.js +131 -0
  564. package/components/hooks/useMyLocalStorage.d.ts +17 -0
  565. package/components/hooks/useMyLocalStorage.js +19 -0
  566. package/components/hooks/useMyPreferences.d.ts +3 -0
  567. package/components/hooks/useMyPreferences.js +272 -0
  568. package/components/hooks/useMySearch.d.ts +4 -0
  569. package/components/hooks/useMySearch.js +59 -0
  570. package/components/hooks/useMySitemap.d.ts +3 -0
  571. package/components/hooks/useMySitemap.js +206 -0
  572. package/components/hooks/useMySnackbar.d.ts +8 -0
  573. package/components/hooks/useMySnackbar.js +56 -0
  574. package/components/hooks/useMyTheme.d.ts +3 -0
  575. package/components/hooks/useMyTheme.js +30 -0
  576. package/components/hooks/useMyUser.d.ts +4 -0
  577. package/components/hooks/useMyUser.js +31 -0
  578. package/components/hooks/useMyUserFunctions.d.ts +118 -0
  579. package/components/hooks/useMyUserFunctions.js +143 -0
  580. package/components/hooks/useMyUserList.d.ts +4 -0
  581. package/components/hooks/useMyUserList.js +12 -0
  582. package/components/hooks/useMyUtils.d.ts +4 -0
  583. package/components/hooks/useMyUtils.js +18 -0
  584. package/components/hooks/useScrollRestoration.d.ts +7 -0
  585. package/components/hooks/useScrollRestoration.js +25 -0
  586. package/components/logins/Login.d.ts +2 -0
  587. package/components/logins/Login.js +47 -0
  588. package/components/logins/auth/OAuthLogin.d.ts +6 -0
  589. package/components/logins/auth/OAuthLogin.js +40 -0
  590. package/components/logins/auth/UserPassLogin.d.ts +2 -0
  591. package/components/logins/auth/UserPassLogin.js +51 -0
  592. package/components/logins/hooks/useLogin.d.ts +7 -0
  593. package/components/logins/hooks/useLogin.js +87 -0
  594. package/components/routes/404.d.ts +3 -0
  595. package/components/routes/404.js +16 -0
  596. package/components/routes/ErrorBoundary.d.ts +14 -0
  597. package/components/routes/ErrorBoundary.js +32 -0
  598. package/components/routes/ErrorOccured.d.ts +3 -0
  599. package/components/routes/ErrorOccured.js +20 -0
  600. package/components/routes/Logout.d.ts +3 -0
  601. package/components/routes/Logout.js +46 -0
  602. package/components/routes/action/edit/ActionEditor.d.ts +14 -0
  603. package/components/routes/action/edit/ActionEditor.js +275 -0
  604. package/components/routes/action/shared/ActionReportDisplay.d.ts +7 -0
  605. package/components/routes/action/shared/ActionReportDisplay.js +51 -0
  606. package/components/routes/action/shared/OperationEntry.d.ts +13 -0
  607. package/components/routes/action/shared/OperationEntry.js +84 -0
  608. package/components/routes/action/shared/OperationStep.d.ts +11 -0
  609. package/components/routes/action/shared/OperationStep.js +151 -0
  610. package/components/routes/action/useMyActionFunctions.d.ts +19 -0
  611. package/components/routes/action/useMyActionFunctions.js +201 -0
  612. package/components/routes/action/view/ActionDetails.d.ts +2 -0
  613. package/components/routes/action/view/ActionDetails.js +177 -0
  614. package/components/routes/action/view/ActionSearch.d.ts +3 -0
  615. package/components/routes/action/view/ActionSearch.js +214 -0
  616. package/components/routes/action/view/Integrations.d.ts +3 -0
  617. package/components/routes/action/view/Integrations.js +34 -0
  618. package/components/routes/admin/users/UserEditor.d.ts +3 -0
  619. package/components/routes/admin/users/UserEditor.js +57 -0
  620. package/components/routes/admin/users/UserSearch.d.ts +3 -0
  621. package/components/routes/admin/users/UserSearch.js +179 -0
  622. package/components/routes/advanced/QueryBuilder.d.ts +3 -0
  623. package/components/routes/advanced/QueryBuilder.js +497 -0
  624. package/components/routes/advanced/QueryEditor.d.ts +14 -0
  625. package/components/routes/advanced/QueryEditor.js +117 -0
  626. package/components/routes/advanced/RuleModal.d.ts +7 -0
  627. package/components/routes/advanced/RuleModal.js +189 -0
  628. package/components/routes/advanced/eqlCompletionProvider.d.ts +3 -0
  629. package/components/routes/advanced/eqlCompletionProvider.js +81 -0
  630. package/components/routes/advanced/eqlTokenProvider.d.ts +8 -0
  631. package/components/routes/advanced/eqlTokenProvider.js +84 -0
  632. package/components/routes/advanced/historyCompletionProvider.d.ts +3 -0
  633. package/components/routes/advanced/historyCompletionProvider.js +51 -0
  634. package/components/routes/advanced/luceneCompletionProvider.d.ts +3 -0
  635. package/components/routes/advanced/luceneCompletionProvider.js +91 -0
  636. package/components/routes/advanced/luceneTokenProvider.d.ts +9 -0
  637. package/components/routes/advanced/luceneTokenProvider.js +101 -0
  638. package/components/routes/advanced/yamlCompletionProvider.d.ts +3 -0
  639. package/components/routes/advanced/yamlCompletionProvider.js +50 -0
  640. package/components/routes/analytics/AnalyticComments.d.ts +7 -0
  641. package/components/routes/analytics/AnalyticComments.js +190 -0
  642. package/components/routes/analytics/AnalyticDetails.d.ts +2 -0
  643. package/components/routes/analytics/AnalyticDetails.js +254 -0
  644. package/components/routes/analytics/AnalyticHitComments.d.ts +6 -0
  645. package/components/routes/analytics/AnalyticHitComments.js +71 -0
  646. package/components/routes/analytics/AnalyticNotebooks.d.ts +7 -0
  647. package/components/routes/analytics/AnalyticNotebooks.js +138 -0
  648. package/components/routes/analytics/AnalyticOverview.d.ts +7 -0
  649. package/components/routes/analytics/AnalyticOverview.js +103 -0
  650. package/components/routes/analytics/AnalyticOverviews.d.ts +6 -0
  651. package/components/routes/analytics/AnalyticOverviews.js +72 -0
  652. package/components/routes/analytics/AnalyticSearch.d.ts +3 -0
  653. package/components/routes/analytics/AnalyticSearch.js +233 -0
  654. package/components/routes/analytics/AnalyticTemplates.d.ts +6 -0
  655. package/components/routes/analytics/AnalyticTemplates.js +70 -0
  656. package/components/routes/analytics/RuleView.d.ts +7 -0
  657. package/components/routes/analytics/RuleView.js +74 -0
  658. package/components/routes/analytics/TriageSettings.d.ts +7 -0
  659. package/components/routes/analytics/TriageSettings.js +104 -0
  660. package/components/routes/analytics/widgets/Assessment.d.ts +5 -0
  661. package/components/routes/analytics/widgets/Assessment.js +58 -0
  662. package/components/routes/analytics/widgets/Created.d.ts +5 -0
  663. package/components/routes/analytics/widgets/Created.js +52 -0
  664. package/components/routes/analytics/widgets/Detection.d.ts +6 -0
  665. package/components/routes/analytics/widgets/Detection.js +11 -0
  666. package/components/routes/analytics/widgets/Escalation.d.ts +6 -0
  667. package/components/routes/analytics/widgets/Escalation.js +51 -0
  668. package/components/routes/analytics/widgets/Stacked.d.ts +7 -0
  669. package/components/routes/analytics/widgets/Stacked.js +87 -0
  670. package/components/routes/analytics/widgets/Status.d.ts +5 -0
  671. package/components/routes/analytics/widgets/Status.js +21 -0
  672. package/components/routes/dossiers/DossierCard.d.ts +8 -0
  673. package/components/routes/dossiers/DossierCard.js +24 -0
  674. package/components/routes/dossiers/DossierEditor.d.ts +2 -0
  675. package/components/routes/dossiers/DossierEditor.js +198 -0
  676. package/components/routes/dossiers/Dossiers.d.ts +2 -0
  677. package/components/routes/dossiers/Dossiers.js +146 -0
  678. package/components/routes/dossiers/LeadEditor.d.ts +13 -0
  679. package/components/routes/dossiers/LeadEditor.js +119 -0
  680. package/components/routes/dossiers/LeadForm.d.ts +8 -0
  681. package/components/routes/dossiers/LeadForm.js +98 -0
  682. package/components/routes/dossiers/PivotForm.d.ts +13 -0
  683. package/components/routes/dossiers/PivotForm.js +278 -0
  684. package/components/routes/help/ActionDocumentation.d.ts +8 -0
  685. package/components/routes/help/ActionDocumentation.js +62 -0
  686. package/components/routes/help/ActionIntroductionDocumentation.d.ts +3 -0
  687. package/components/routes/help/ActionIntroductionDocumentation.js +103 -0
  688. package/components/routes/help/ApiDocumentation.d.ts +3 -0
  689. package/components/routes/help/ApiDocumentation.js +139 -0
  690. package/components/routes/help/AuthDocumentation.d.ts +3 -0
  691. package/components/routes/help/AuthDocumentation.js +20 -0
  692. package/components/routes/help/BundleDocumentation.d.ts +3 -0
  693. package/components/routes/help/BundleDocumentation.js +84 -0
  694. package/components/routes/help/ClientDocumentation.d.ts +3 -0
  695. package/components/routes/help/ClientDocumentation.js +20 -0
  696. package/components/routes/help/Help.d.ts +2 -0
  697. package/components/routes/help/Help.js +61 -0
  698. package/components/routes/help/HitBannerDocumentation.d.ts +3 -0
  699. package/components/routes/help/HitBannerDocumentation.js +62 -0
  700. package/components/routes/help/HitDocumentation.d.ts +3 -0
  701. package/components/routes/help/HitDocumentation.js +83 -0
  702. package/components/routes/help/HitLabelsDocumentation.d.ts +3 -0
  703. package/components/routes/help/HitLabelsDocumentation.js +46 -0
  704. package/components/routes/help/HitLinksDocumentation.d.ts +3 -0
  705. package/components/routes/help/HitLinksDocumentation.js +56 -0
  706. package/components/routes/help/HitSchemaDocumentation.d.ts +3 -0
  707. package/components/routes/help/HitSchemaDocumentation.js +159 -0
  708. package/components/routes/help/NotebookDocumentation.d.ts +3 -0
  709. package/components/routes/help/NotebookDocumentation.js +19 -0
  710. package/components/routes/help/OverviewDocumentation.d.ts +3 -0
  711. package/components/routes/help/OverviewDocumentation.js +15 -0
  712. package/components/routes/help/RetentionDocumentation.d.ts +3 -0
  713. package/components/routes/help/RetentionDocumentation.js +48 -0
  714. package/components/routes/help/SearchDocumentation.d.ts +3 -0
  715. package/components/routes/help/SearchDocumentation.js +515 -0
  716. package/components/routes/help/TemplateDocumentation.d.ts +3 -0
  717. package/components/routes/help/TemplateDocumentation.js +60 -0
  718. package/components/routes/help/ViewDocumentation.d.ts +3 -0
  719. package/components/routes/help/ViewDocumentation.js +29 -0
  720. package/components/routes/help/components/HelpTabs.d.ts +6 -0
  721. package/components/routes/help/components/HelpTabs.js +40 -0
  722. package/components/routes/hits/search/BundleParentMenu.d.ts +6 -0
  723. package/components/routes/hits/search/BundleParentMenu.js +54 -0
  724. package/components/routes/hits/search/BundleScroller.d.ts +2 -0
  725. package/components/routes/hits/search/BundleScroller.js +9 -0
  726. package/components/routes/hits/search/CustomSort.d.ts +2 -0
  727. package/components/routes/hits/search/CustomSort.js +88 -0
  728. package/components/routes/hits/search/HitBrowser.d.ts +3 -0
  729. package/components/routes/hits/search/HitBrowser.js +258 -0
  730. package/components/routes/hits/search/HitContextMenu.d.ts +7 -0
  731. package/components/routes/hits/search/HitContextMenu.js +209 -0
  732. package/components/routes/hits/search/HitQuery.d.ts +9 -0
  733. package/components/routes/hits/search/HitQuery.js +237 -0
  734. package/components/routes/hits/search/InformationPane.d.ts +5 -0
  735. package/components/routes/hits/search/InformationPane.js +377 -0
  736. package/components/routes/hits/search/SearchPane.d.ts +3 -0
  737. package/components/routes/hits/search/SearchPane.js +222 -0
  738. package/components/routes/hits/search/ViewLink.d.ts +2 -0
  739. package/components/routes/hits/search/ViewLink.js +77 -0
  740. package/components/routes/hits/search/grid/AddColumnModal.d.ts +8 -0
  741. package/components/routes/hits/search/grid/AddColumnModal.js +92 -0
  742. package/components/routes/hits/search/grid/ColumnHeader.d.ts +8 -0
  743. package/components/routes/hits/search/grid/ColumnHeader.js +70 -0
  744. package/components/routes/hits/search/grid/EnhancedCell.d.ts +8 -0
  745. package/components/routes/hits/search/grid/EnhancedCell.js +50 -0
  746. package/components/routes/hits/search/grid/HitGrid.d.ts +3 -0
  747. package/components/routes/hits/search/grid/HitGrid.js +274 -0
  748. package/components/routes/hits/search/grid/HitRow.d.ts +10 -0
  749. package/components/routes/hits/search/grid/HitRow.js +102 -0
  750. package/components/routes/hits/search/shared/CustomSpan.d.ts +2 -0
  751. package/components/routes/hits/search/shared/CustomSpan.js +54 -0
  752. package/components/routes/hits/search/shared/HitFilter.d.ts +4 -0
  753. package/components/routes/hits/search/shared/HitFilter.js +99 -0
  754. package/components/routes/hits/search/shared/HitSort.d.ts +4 -0
  755. package/components/routes/hits/search/shared/HitSort.js +91 -0
  756. package/components/routes/hits/search/shared/QuerySettings.d.ts +6 -0
  757. package/components/routes/hits/search/shared/QuerySettings.js +41 -0
  758. package/components/routes/hits/search/shared/SearchSpan.d.ts +5 -0
  759. package/components/routes/hits/search/shared/SearchSpan.js +59 -0
  760. package/components/routes/hits/view/HitViewer.d.ts +7 -0
  761. package/components/routes/hits/view/HitViewer.js +336 -0
  762. package/components/routes/hits/view/LeadRenderer.d.ts +7 -0
  763. package/components/routes/hits/view/LeadRenderer.js +34 -0
  764. package/components/routes/home/AddNewCard.d.ts +7 -0
  765. package/components/routes/home/AddNewCard.js +216 -0
  766. package/components/routes/home/AnalyticCard.d.ts +7 -0
  767. package/components/routes/home/AnalyticCard.js +43 -0
  768. package/components/routes/home/EntryWrapper.d.ts +7 -0
  769. package/components/routes/home/EntryWrapper.js +58 -0
  770. package/components/routes/home/ViewCard.d.ts +7 -0
  771. package/components/routes/home/ViewCard.js +64 -0
  772. package/components/routes/home/index.d.ts +3 -0
  773. package/components/routes/home/index.js +244 -0
  774. package/components/routes/overviews/OverviewCard.d.ts +8 -0
  775. package/components/routes/overviews/OverviewCard.js +25 -0
  776. package/components/routes/overviews/OverviewEditor.d.ts +12 -0
  777. package/components/routes/overviews/OverviewEditor.js +81 -0
  778. package/components/routes/overviews/OverviewViewer.d.ts +2 -0
  779. package/components/routes/overviews/OverviewViewer.js +316 -0
  780. package/components/routes/overviews/Overviews.d.ts +2 -0
  781. package/components/routes/overviews/Overviews.js +148 -0
  782. package/components/routes/overviews/markdownExtendedTokenProvider.d.ts +3 -0
  783. package/components/routes/overviews/markdownExtendedTokenProvider.js +262 -0
  784. package/components/routes/overviews/startingTemplate.d.ts +1 -0
  785. package/components/routes/overviews/startingTemplate.js +36 -0
  786. package/components/routes/settings/AdminSection.d.ts +3 -0
  787. package/components/routes/settings/AdminSection.js +13 -0
  788. package/components/routes/settings/LocalSection.d.ts +3 -0
  789. package/components/routes/settings/LocalSection.js +127 -0
  790. package/components/routes/settings/ProfileSection.d.ts +10 -0
  791. package/components/routes/settings/ProfileSection.js +98 -0
  792. package/components/routes/settings/SecuritySection.d.ts +10 -0
  793. package/components/routes/settings/SecuritySection.js +71 -0
  794. package/components/routes/settings/Settings.d.ts +3 -0
  795. package/components/routes/settings/Settings.js +56 -0
  796. package/components/routes/settings/SettingsSection.d.ts +7 -0
  797. package/components/routes/settings/SettingsSection.js +22 -0
  798. package/components/routes/templates/TemplateCard.d.ts +7 -0
  799. package/components/routes/templates/TemplateCard.js +26 -0
  800. package/components/routes/templates/TemplateDnD.d.ts +8 -0
  801. package/components/routes/templates/TemplateDnD.js +44 -0
  802. package/components/routes/templates/TemplateEditor.d.ts +9 -0
  803. package/components/routes/templates/TemplateEditor.js +104 -0
  804. package/components/routes/templates/TemplateViewer.d.ts +2 -0
  805. package/components/routes/templates/TemplateViewer.js +219 -0
  806. package/components/routes/templates/Templates.d.ts +2 -0
  807. package/components/routes/templates/Templates.js +156 -0
  808. package/components/routes/views/ViewComposer.d.ts +3 -0
  809. package/components/routes/views/ViewComposer.js +276 -0
  810. package/components/routes/views/Views.d.ts +2 -0
  811. package/components/routes/views/Views.js +301 -0
  812. package/globals.d.ts +1 -0
  813. package/hit-CQYBTSKb.js +7 -0
  814. package/i18n.d.ts +3 -0
  815. package/i18n.js +1909 -0
  816. package/index-BPPnUdfP.js +1157 -0
  817. package/index.d.ts +0 -0
  818. package/index.js +13 -0
  819. package/locales/en/help/main.json.d.ts +16 -0
  820. package/locales/en/help/search.json.d.ts +189 -0
  821. package/locales/en/translation.json.d.ts +802 -0
  822. package/locales/fr/help/main.json.d.ts +16 -0
  823. package/locales/fr/help/search.json.d.ts +189 -0
  824. package/locales/fr/translation.json.d.ts +800 -0
  825. package/models/ActionTypes.d.ts +49 -0
  826. package/models/WithMetadata.d.ts +11 -0
  827. package/models/entities/HowlerUser.d.ts +17 -0
  828. package/models/entities/generated/Account.d.ts +7 -0
  829. package/models/entities/generated/Action.d.ts +12 -0
  830. package/models/entities/generated/Agent.d.ts +9 -0
  831. package/models/entities/generated/Analytic.d.ts +20 -0
  832. package/models/entities/generated/Answer.d.ts +10 -0
  833. package/models/entities/generated/Antivirus.d.ts +9 -0
  834. package/models/entities/generated/ApiType.d.ts +238 -0
  835. package/models/entities/generated/Assemblyline.d.ts +21 -0
  836. package/models/entities/generated/Attachment.d.ts +7 -0
  837. package/models/entities/generated/Attribution.d.ts +9 -0
  838. package/models/entities/generated/AutonomousSystems.d.ts +7 -0
  839. package/models/entities/generated/Aws.d.ts +9 -0
  840. package/models/entities/generated/Azure.d.ts +10 -0
  841. package/models/entities/generated/Bcc.d.ts +6 -0
  842. package/models/entities/generated/Behaviour.d.ts +9 -0
  843. package/models/entities/generated/Body.d.ts +7 -0
  844. package/models/entities/generated/Cbs.d.ts +7 -0
  845. package/models/entities/generated/Cc.d.ts +6 -0
  846. package/models/entities/generated/Client.d.ts +7 -0
  847. package/models/entities/generated/Cloud.d.ts +19 -0
  848. package/models/entities/generated/CloudAccount.d.ts +7 -0
  849. package/models/entities/generated/CodeSignature.d.ts +14 -0
  850. package/models/entities/generated/Comment.d.ts +12 -0
  851. package/models/entities/generated/Container.d.ts +11 -0
  852. package/models/entities/generated/Created.d.ts +7 -0
  853. package/models/entities/generated/Dashboard.d.ts +8 -0
  854. package/models/entities/generated/Data.d.ts +8 -0
  855. package/models/entities/generated/Destination.d.ts +22 -0
  856. package/models/entities/generated/Device.d.ts +6 -0
  857. package/models/entities/generated/Dns.d.ts +15 -0
  858. package/models/entities/generated/Domain.d.ts +9 -0
  859. package/models/entities/generated/Dossier.d.ts +14 -0
  860. package/models/entities/generated/Ecs.d.ts +6 -0
  861. package/models/entities/generated/Egress.d.ts +6 -0
  862. package/models/entities/generated/Elf.d.ts +19 -0
  863. package/models/entities/generated/Email.d.ts +29 -0
  864. package/models/entities/generated/Enrichment.d.ts +9 -0
  865. package/models/entities/generated/EntryMeta.d.ts +6 -0
  866. package/models/entities/generated/Error.d.ts +7 -0
  867. package/models/entities/generated/Event.d.ts +31 -0
  868. package/models/entities/generated/Faas.d.ts +12 -0
  869. package/models/entities/generated/Feed.d.ts +9 -0
  870. package/models/entities/generated/File.d.ts +11 -0
  871. package/models/entities/generated/FileHash.d.ts +12 -0
  872. package/models/entities/generated/From.d.ts +6 -0
  873. package/models/entities/generated/Gcp.d.ts +10 -0
  874. package/models/entities/generated/Geo.d.ts +17 -0
  875. package/models/entities/generated/Group.d.ts +8 -0
  876. package/models/entities/generated/Hash.d.ts +6 -0
  877. package/models/entities/generated/Header.d.ts +13 -0
  878. package/models/entities/generated/Heuristic.d.ts +9 -0
  879. package/models/entities/generated/Hit.d.ts +101 -0
  880. package/models/entities/generated/HitFile.d.ts +35 -0
  881. package/models/entities/generated/HitOrganization.d.ts +7 -0
  882. package/models/entities/generated/Host.d.ts +11 -0
  883. package/models/entities/generated/Howler.d.ts +47 -0
  884. package/models/entities/generated/HowlerComment.d.ts +11 -0
  885. package/models/entities/generated/HowlerDossier.d.ts +11 -0
  886. package/models/entities/generated/Http.d.ts +10 -0
  887. package/models/entities/generated/Image.d.ts +9 -0
  888. package/models/entities/generated/Incident.d.ts +8 -0
  889. package/models/entities/generated/Indicator.d.ts +20 -0
  890. package/models/entities/generated/IndicatorEmail.d.ts +6 -0
  891. package/models/entities/generated/IndicatorFile.d.ts +35 -0
  892. package/models/entities/generated/Ingress.d.ts +8 -0
  893. package/models/entities/generated/Instance.d.ts +7 -0
  894. package/models/entities/generated/Interface.d.ts +7 -0
  895. package/models/entities/generated/Label.d.ts +7 -0
  896. package/models/entities/generated/Labels.d.ts +13 -0
  897. package/models/entities/generated/Lead.d.ts +11 -0
  898. package/models/entities/generated/Link.d.ts +8 -0
  899. package/models/entities/generated/Location.d.ts +7 -0
  900. package/models/entities/generated/Log.d.ts +13 -0
  901. package/models/entities/generated/Machine.d.ts +6 -0
  902. package/models/entities/generated/Mapping.d.ts +8 -0
  903. package/models/entities/generated/Matched.d.ts +6 -0
  904. package/models/entities/generated/Mitre.d.ts +9 -0
  905. package/models/entities/generated/Modified.d.ts +7 -0
  906. package/models/entities/generated/Nat.d.ts +7 -0
  907. package/models/entities/generated/Network.d.ts +8 -0
  908. package/models/entities/generated/Notebook.d.ts +10 -0
  909. package/models/entities/generated/Observer.d.ts +20 -0
  910. package/models/entities/generated/Operation.d.ts +7 -0
  911. package/models/entities/generated/Organization.d.ts +7 -0
  912. package/models/entities/generated/Original.d.ts +18 -0
  913. package/models/entities/generated/Os.d.ts +12 -0
  914. package/models/entities/generated/Outline.d.ts +9 -0
  915. package/models/entities/generated/Overview.d.ts +10 -0
  916. package/models/entities/generated/Parent.d.ts +18 -0
  917. package/models/entities/generated/ParentHash.d.ts +12 -0
  918. package/models/entities/generated/ParentParent.d.ts +31 -0
  919. package/models/entities/generated/ParentUser.d.ts +9 -0
  920. package/models/entities/generated/Pe.d.ts +13 -0
  921. package/models/entities/generated/Pivot.d.ts +12 -0
  922. package/models/entities/generated/Process.d.ts +33 -0
  923. package/models/entities/generated/ProcessHash.d.ts +12 -0
  924. package/models/entities/generated/ProcessParent.d.ts +33 -0
  925. package/models/entities/generated/ProcessUser.d.ts +9 -0
  926. package/models/entities/generated/Project.d.ts +7 -0
  927. package/models/entities/generated/Question.d.ts +11 -0
  928. package/models/entities/generated/Registry.d.ts +11 -0
  929. package/models/entities/generated/Related.d.ts +13 -0
  930. package/models/entities/generated/ReplyTo.d.ts +6 -0
  931. package/models/entities/generated/Request.d.ts +12 -0
  932. package/models/entities/generated/Response.d.ts +10 -0
  933. package/models/entities/generated/Rule.d.ts +15 -0
  934. package/models/entities/generated/Section.d.ts +14 -0
  935. package/models/entities/generated/Segment.d.ts +14 -0
  936. package/models/entities/generated/Sender.d.ts +6 -0
  937. package/models/entities/generated/Server.d.ts +8 -0
  938. package/models/entities/generated/Service.d.ts +6 -0
  939. package/models/entities/generated/Settings.d.ts +6 -0
  940. package/models/entities/generated/Sharepoint.d.ts +9 -0
  941. package/models/entities/generated/Software.d.ts +11 -0
  942. package/models/entities/generated/Source.d.ts +22 -0
  943. package/models/entities/generated/SourceOriginal.d.ts +18 -0
  944. package/models/entities/generated/Tactic.d.ts +9 -0
  945. package/models/entities/generated/Technique.d.ts +9 -0
  946. package/models/entities/generated/Template.d.ts +11 -0
  947. package/models/entities/generated/Threat.d.ts +20 -0
  948. package/models/entities/generated/ThreatGroup.d.ts +9 -0
  949. package/models/entities/generated/ThreatIndicator.d.ts +20 -0
  950. package/models/entities/generated/ThreatTactic.d.ts +8 -0
  951. package/models/entities/generated/ThreatTechnique.d.ts +8 -0
  952. package/models/entities/generated/Tls.d.ts +11 -0
  953. package/models/entities/generated/TlsServer.d.ts +6 -0
  954. package/models/entities/generated/To.d.ts +6 -0
  955. package/models/entities/generated/TriageSettings.d.ts +8 -0
  956. package/models/entities/generated/Trigger.d.ts +7 -0
  957. package/models/entities/generated/Uri.d.ts +9 -0
  958. package/models/entities/generated/Url.d.ts +19 -0
  959. package/models/entities/generated/User.d.ts +14 -0
  960. package/models/entities/generated/UserAgent.d.ts +12 -0
  961. package/models/entities/generated/UserUser.d.ts +18 -0
  962. package/models/entities/generated/View.d.ts +14 -0
  963. package/models/entities/generated/Votes.d.ts +8 -0
  964. package/models/entities/generated/Vulnerability.d.ts +12 -0
  965. package/models/entities/generated/Yara.d.ts +9 -0
  966. package/models/socket/HitUpdate.d.ts +13 -0
  967. package/package.json +1 -1
  968. package/plugins/HowlerPlugin.d.ts +114 -0
  969. package/plugins/HowlerPlugin.js +276 -0
  970. package/plugins/store.d.ts +95 -0
  971. package/plugins/store.js +105 -0
  972. package/rest/AxiosClient.d.ts +10 -0
  973. package/rest/AxiosClient.js +68 -0
  974. package/rest/FetchClient.d.ts +7 -0
  975. package/rest/FetchClient.js +19 -0
  976. package/rest/index.d.ts +6 -0
  977. package/rest/index.js +1 -0
  978. package/setupTests.d.ts +0 -0
  979. package/tests/MockLocalStorage.d.ts +5 -0
  980. package/tests/server-handlers.d.ts +5 -0
  981. package/tests/server.d.ts +3 -0
  982. package/utils/Throttler.d.ts +9 -0
  983. package/utils/Throttler.js +43 -0
  984. package/utils/actionUtils.d.ts +31 -0
  985. package/utils/actionUtils.js +41 -0
  986. package/utils/constants.d.ts +79 -0
  987. package/utils/constants.js +131 -0
  988. package/utils/hit.json.d.ts +30359 -0
  989. package/utils/hitFunctions.d.ts +2 -0
  990. package/utils/hitFunctions.js +12 -0
  991. package/utils/localStorage.d.ts +21 -0
  992. package/utils/localStorage.js +35 -0
  993. package/utils/menuUtils.d.ts +89 -0
  994. package/utils/menuUtils.js +247 -0
  995. package/utils/sessionStorage.d.ts +7 -0
  996. package/utils/sessionStorage.js +50 -0
  997. package/utils/socketUtils.d.ts +8 -0
  998. package/utils/socketUtils.js +6 -0
  999. package/utils/stringUtils.d.ts +8 -0
  1000. package/utils/stringUtils.js +52 -0
  1001. package/utils/utils.d.ts +33 -0
  1002. package/utils/utils.js +193 -0
  1003. package/utils/xsrf.d.ts +2 -0
  1004. package/utils/xsrf.js +12 -0
  1005. package/vite-env.d.ts +1 -0
  1006. package/assets/abap-DR3EPHcA.js +0 -6
  1007. package/assets/abap-mo7PPmCt.js +0 -1
  1008. package/assets/abnf-D5WZvYF_.js +0 -1
  1009. package/assets/actionscript-o1NqrfHn.js +0 -1
  1010. package/assets/ada-BAcJesVD.js +0 -1
  1011. package/assets/agda-D-QD0Sfn.js +0 -1
  1012. package/assets/al-Dzs83GY0.js +0 -1
  1013. package/assets/antlr4-BjEStX_I.js +0 -1
  1014. package/assets/apacheconf-Bh7PaD8s.js +0 -1
  1015. package/assets/apex-CW6wsJgM.js +0 -6
  1016. package/assets/apex-Dg8nVlbW.js +0 -1
  1017. package/assets/apl-Bpu7iDoL.js +0 -1
  1018. package/assets/applescript-hMMldMmZ.js +0 -1
  1019. package/assets/aql-CrUo-IGN.js +0 -1
  1020. package/assets/arc-O4DCfFxW.js +0 -1
  1021. package/assets/architecture-O4VJ6CD3-BtxcGCTr.js +0 -1
  1022. package/assets/architectureDiagram-KFL7JDKH-ChuPt1SI.js +0 -36
  1023. package/assets/arduino-DmF6sKDB.js +0 -1
  1024. package/assets/arff-BBGQBSJT.js +0 -1
  1025. package/assets/asciidoc-Bj5gp9h7.js +0 -1
  1026. package/assets/asm6502-FSfxG8DZ.js +0 -1
  1027. package/assets/asmatmel-e1oEOVx2.js +0 -1
  1028. package/assets/aspnet-BSz1N4dH.js +0 -1
  1029. package/assets/autohotkey-E5ufzqN-.js +0 -1
  1030. package/assets/autoit-C_kN8xn5.js +0 -1
  1031. package/assets/avisynth-DbmndZmQ.js +0 -1
  1032. package/assets/avro-idl-DGQ_T6zF.js +0 -1
  1033. package/assets/azcli-CIONJYq1.js +0 -6
  1034. package/assets/bash-CefCgV5_.js +0 -1
  1035. package/assets/bash-CviVjnOh.js +0 -1
  1036. package/assets/basic-Bx3Rn9rA.js +0 -1
  1037. package/assets/basic-DBS9NaGG.js +0 -1
  1038. package/assets/bat-C9Lf3IiR.js +0 -6
  1039. package/assets/batch-DTnb-DYx.js +0 -1
  1040. package/assets/bbcode-D1mhg2V8.js +0 -1
  1041. package/assets/bicep-0IioNd8i.js +0 -1
  1042. package/assets/bicep-D-A_iHuq.js +0 -7
  1043. package/assets/birb-DU56kIa1.js +0 -1
  1044. package/assets/bison-BN1e05g4.js +0 -1
  1045. package/assets/blockDiagram-ZYB65J3Q-C50Mlz51.js +0 -122
  1046. package/assets/bnf-D2g0vgik.js +0 -1
  1047. package/assets/brainfuck-jbiw2pGD.js +0 -1
  1048. package/assets/brightscript-BBDeWuro.js +0 -1
  1049. package/assets/bro-CGTpxN4p.js +0 -1
  1050. package/assets/bsl-CqTC8aLw.js +0 -1
  1051. package/assets/c-Ds_ySDj7.js +0 -1
  1052. package/assets/c-kgVuzdLE.js +0 -1
  1053. package/assets/c4Diagram-AAMF2YG6-B3WV-JGO.js +0 -10
  1054. package/assets/cameligo-v1zEsXLu.js +0 -6
  1055. package/assets/cfscript-Bj6Jdimw.js +0 -1
  1056. package/assets/chaiscript-RYJpKV37.js +0 -1
  1057. package/assets/channel-C5BRq60g.js +0 -1
  1058. package/assets/chunk-ANTBXLJU-C1HjgHjc.js +0 -1
  1059. package/assets/chunk-FHKO5MBM-BrpQoidZ.js +0 -1
  1060. package/assets/chunk-GLLZNHP4-DN9o3NmB.js +0 -15
  1061. package/assets/chunk-JBRWN2VN-DHDH1I9F.js +0 -165
  1062. package/assets/chunk-LXBSTHXV-DsMapXSy.js +0 -220
  1063. package/assets/chunk-NRVI72HA-zCLbemRf.js +0 -1
  1064. package/assets/chunk-OMD6QJNC-CcTW7n4d.js +0 -1
  1065. package/assets/chunk-WVR4S24B-O5VGDTLK.js +0 -1
  1066. package/assets/cil-D4aeGR4P.js +0 -1
  1067. package/assets/classDiagram-3BZAVTQC-DC2D1o61.js +0 -1
  1068. package/assets/classDiagram-v2-QTMF73CY-DC2D1o61.js +0 -1
  1069. package/assets/clike-B5tY_8Hg.js +0 -1
  1070. package/assets/clike-CqNn0AJS.js +0 -1
  1071. package/assets/clojure-CvHCjxEW.js +0 -1
  1072. package/assets/clojure-DgNu_ptH.js +0 -6
  1073. package/assets/clone-CQzAVi1_.js +0 -1
  1074. package/assets/cmake-Y9YYOI1o.js +0 -1
  1075. package/assets/cobol-Cn7N4Z9s.js +0 -1
  1076. package/assets/codicon-B16ygVZF.ttf +0 -0
  1077. package/assets/coffee-DNMvp8RP.js +0 -6
  1078. package/assets/coffeescript-BNf6wfQ6.js +0 -1
  1079. package/assets/concurnas-F8NRlUrA.js +0 -1
  1080. package/assets/coq-CXxL_LlW.js +0 -1
  1081. package/assets/core-DkoeCqqg.js +0 -8
  1082. package/assets/cpp-BdJVwJpi.js +0 -1
  1083. package/assets/cpp-DEDKHd-B.js +0 -6
  1084. package/assets/cpp-DWon0ppI.js +0 -1
  1085. package/assets/crystal-B2v6_JlQ.js +0 -1
  1086. package/assets/csharp-BLSK0Zzi.js +0 -1
  1087. package/assets/csharp-BoWmgZhk.js +0 -6
  1088. package/assets/csharp-Cd5Udg29.js +0 -1
  1089. package/assets/cshtml-BLIhUWji.js +0 -1
  1090. package/assets/csp-BK5qlsQ9.js +0 -6
  1091. package/assets/csp-CeuPpz9b.js +0 -1
  1092. package/assets/css-CF9HHZb0.js +0 -1
  1093. package/assets/css-D1nB4Vcj.js +0 -8
  1094. package/assets/css-D8yvO7dz.js +0 -1
  1095. package/assets/css-extras-DRnBitp6.js +0 -1
  1096. package/assets/cssMode-DrkEOKra.js +0 -9
  1097. package/assets/csv-Be-N3gG6.js +0 -1
  1098. package/assets/cypher-BQok03ZI.js +0 -1
  1099. package/assets/cypher-Bl5_yQjz.js +0 -6
  1100. package/assets/cytoscape.esm-BQaXIfA_.js +0 -331
  1101. package/assets/d-Df_6sXOB.js +0 -1
  1102. package/assets/dagre-2BBEFEWP-BdLL3xYf.js +0 -4
  1103. package/assets/dart-AOzSx5I4.js +0 -1
  1104. package/assets/dart-BVA93hyX.js +0 -6
  1105. package/assets/dataweave--R-21DfR.js +0 -1
  1106. package/assets/dax-CsnNiQxC.js +0 -1
  1107. package/assets/defaultLocale-C4B-KCzX.js +0 -1
  1108. package/assets/dhall-BidGwr1u.js +0 -1
  1109. package/assets/diagram-4IRLE6MV-Du7ZA7eP.js +0 -24
  1110. package/assets/diagram-GUPCWM2R-ByacznHI.js +0 -24
  1111. package/assets/diagram-RP2FKANI-uZXzQ0HO.js +0 -43
  1112. package/assets/diff-By-TneY5.js +0 -3
  1113. package/assets/django-CqZkrb5c.js +0 -1
  1114. package/assets/dns-zone-file-CIIN0Zwd.js +0 -1
  1115. package/assets/docker-DrVrzUu_.js +0 -1
  1116. package/assets/dockerfile-fYe1jRYc.js +0 -6
  1117. package/assets/dot-D6JxP7pN.js +0 -1
  1118. package/assets/ebnf-boHv7kBZ.js +0 -1
  1119. package/assets/ecl-Bxo8QmCt.js +0 -6
  1120. package/assets/editorconfig-BZK9BWTq.js +0 -1
  1121. package/assets/eiffel-BspS-zg2.js +0 -1
  1122. package/assets/ejs-BO4bBszI.js +0 -1
  1123. package/assets/elixir-BbUoe7nZ.js +0 -6
  1124. package/assets/elixir-DCnntdKi.js +0 -1
  1125. package/assets/elm-wkvDZVBc.js +0 -1
  1126. package/assets/erDiagram-HZWUO2LU-CLYl94DE.js +0 -60
  1127. package/assets/erb-D0dPextc.js +0 -1
  1128. package/assets/erlang-GkjxK_5M.js +0 -1
  1129. package/assets/etlua-DISv4zYg.js +0 -1
  1130. package/assets/excel-formula-HLTv-nrr.js +0 -1
  1131. package/assets/factor-BkpcfzTR.js +0 -1
  1132. package/assets/false-41V82d_P.js +0 -1
  1133. package/assets/firestore-security-rules-RBhhbSld.js +0 -1
  1134. package/assets/flow-Ht8yfkR5.js +0 -1
  1135. package/assets/flow9-BKFjllYO.js +0 -6
  1136. package/assets/flowDiagram-THRYKUMA-BfELR1TN.js +0 -162
  1137. package/assets/fortran-Dzm_isHe.js +0 -1
  1138. package/assets/freemarker2-BRaa7f1Q.js +0 -8
  1139. package/assets/fsharp-C9WT9v9x.js +0 -1
  1140. package/assets/fsharp-ETo-tsZt.js +0 -6
  1141. package/assets/ftl-B17SbwAW.js +0 -1
  1142. package/assets/ganttDiagram-WV7ZQ7D5-Bw19caXp.js +0 -267
  1143. package/assets/gap-SzXKPgeq.js +0 -1
  1144. package/assets/gcode-CuQuTKdO.js +0 -1
  1145. package/assets/gdscript-bTCD4XIA.js +0 -1
  1146. package/assets/gedcom-Dw1a27VL.js +0 -1
  1147. package/assets/gherkin-B8yC8kPH.js +0 -1
  1148. package/assets/git-CuTlBGs3.js +0 -1
  1149. package/assets/gitGraph-ZV4HHKMB-NswVDVTC.js +0 -1
  1150. package/assets/gitGraphDiagram-OJR772UL-B2Wp36xV.js +0 -65
  1151. package/assets/glsl-VfJQISaC.js +0 -1
  1152. package/assets/gml-Cg063sEn.js +0 -1
  1153. package/assets/gn-CfhRs8hN.js +0 -1
  1154. package/assets/go-DzbHtIm4.js +0 -6
  1155. package/assets/go-VWO1sCsw.js +0 -1
  1156. package/assets/go-module-Ca9MQv90.js +0 -1
  1157. package/assets/graph-BcxGmKUY.js +0 -1
  1158. package/assets/graphql-DQddNIUX.js +0 -1
  1159. package/assets/graphql-k0EsSqLB.js +0 -6
  1160. package/assets/groovy-Dcjs8fee.js +0 -1
  1161. package/assets/haml-B5-Vcx98.js +0 -1
  1162. package/assets/handlebars-CYVGF2_K.js +0 -6
  1163. package/assets/handlebars-D9Ysibnv.js +0 -1
  1164. package/assets/haskell-D1TAusTt.js +0 -1
  1165. package/assets/haskell-Ds42Eazu.js +0 -1
  1166. package/assets/haxe-BwfSBwx-.js +0 -1
  1167. package/assets/hcl-B7RhI5Aa.js +0 -1
  1168. package/assets/hcl-Cq9v6if3.js +0 -6
  1169. package/assets/hlsl-ePiBBFSV.js +0 -1
  1170. package/assets/hoon-CoBO7KEA.js +0 -1
  1171. package/assets/hpkp-D81lsBFo.js +0 -1
  1172. package/assets/hsts-D1exIVwR.js +0 -1
  1173. package/assets/html-sSVLAgmR.js +0 -6
  1174. package/assets/htmlMode-1dVkh-tv.js +0 -9
  1175. package/assets/http-Dqk_-m1h.js +0 -1
  1176. package/assets/ichigojam-Ew3H_Wnw.js +0 -1
  1177. package/assets/icon-7__9w3uI.js +0 -1
  1178. package/assets/icu-message-format-Dq2hIL7F.js +0 -1
  1179. package/assets/idris-Cyzo9vXh.js +0 -1
  1180. package/assets/iecst-DXWmu6AB.js +0 -1
  1181. package/assets/ignore-BOIdB3R9.js +0 -1
  1182. package/assets/index-COcBHp7b.css +0 -1
  1183. package/assets/index-CtirNuor.js +0 -3412
  1184. package/assets/info-63CPKGFF-Eft_YXi-.js +0 -1
  1185. package/assets/infoDiagram-6WOFNB3A-D1P6rKbs.js +0 -2
  1186. package/assets/inform7-Bc1mK28U.js +0 -1
  1187. package/assets/ini-BscO_0vf.js +0 -6
  1188. package/assets/ini-DdalcVCy.js +0 -1
  1189. package/assets/init-Gi6I4Gst.js +0 -1
  1190. package/assets/io-Dt_mcl8h.js +0 -1
  1191. package/assets/j-C-lF-CU_.js +0 -1
  1192. package/assets/java-45YI1AnS.js +0 -1
  1193. package/assets/java-BxMbkJZ_.js +0 -1
  1194. package/assets/java-CtY9ZHW8.js +0 -6
  1195. package/assets/javadoc-Bpiw_kgn.js +0 -1
  1196. package/assets/javadoclike-myFApC35.js +0 -1
  1197. package/assets/javadoclike-yg2D82m1.js +0 -1
  1198. package/assets/javascript-BFZWKPPJ.js +0 -1
  1199. package/assets/javascript-Br0LiqtA.js +0 -6
  1200. package/assets/javascript-D8vYUPHd.js +0 -1
  1201. package/assets/javastacktrace-BpG-AgnP.js +0 -1
  1202. package/assets/jexl-D2VVX-f4.js +0 -1
  1203. package/assets/jolie-B1EwmubH.js +0 -1
  1204. package/assets/journeyDiagram-FFXJYRFH-Bz2eGQD1.js +0 -139
  1205. package/assets/jq-B1-LZ9LN.js +0 -1
  1206. package/assets/js-extras-CAdKnlUK.js +0 -1
  1207. package/assets/js-templates-BJ0RNBBn.js +0 -1
  1208. package/assets/jsdoc-CgalBxHx.js +0 -1
  1209. package/assets/json-BESjz4hO.js +0 -1
  1210. package/assets/json-CQzD9Vuv.js +0 -1
  1211. package/assets/json5-DMROsLE9.js +0 -1
  1212. package/assets/jsonMode-B7JNisD6.js +0 -11
  1213. package/assets/jsonp-CtbFEoSO.js +0 -1
  1214. package/assets/jsstacktrace-CWlR2r3M.js +0 -1
  1215. package/assets/jsx-Bcm3mCMX.js +0 -1
  1216. package/assets/jsx-CWP8P1mH.js +0 -1
  1217. package/assets/julia-DOes61nN.js +0 -6
  1218. package/assets/julia-DawUNhKV.js +0 -1
  1219. package/assets/kanban-definition-KOZQBZVT-BSCp431P.js +0 -89
  1220. package/assets/katex-ChWnQ-fc.js +0 -261
  1221. package/assets/keepalived-DTrfwL7-.js +0 -1
  1222. package/assets/keyman-Dt-YdFQG.js +0 -1
  1223. package/assets/kotlin-DDKW_KJ3.js +0 -1
  1224. package/assets/kotlin-DTDxWyre.js +0 -6
  1225. package/assets/kumir-CL2qFoX9.js +0 -1
  1226. package/assets/kusto-CgVKIahq.js +0 -1
  1227. package/assets/latex-CTdn8dw3.js +0 -1
  1228. package/assets/latte-Dph7wDda.js +0 -1
  1229. package/assets/layout-BGYG4PDW.js +0 -1
  1230. package/assets/less-BW9Z7xNV.js +0 -1
  1231. package/assets/less-CqJAWV1X.js +0 -7
  1232. package/assets/lexon-BXW1vGDt.js +0 -6
  1233. package/assets/lilypond--bIKevXM.js +0 -1
  1234. package/assets/linear-7u2-1SjO.js +0 -1
  1235. package/assets/liquid-BdCB7FYI.js +0 -6
  1236. package/assets/liquid-C6_JMpJr.js +0 -1
  1237. package/assets/lisp-BbfmjfSW.js +0 -1
  1238. package/assets/livescript-Cnhwlvbs.js +0 -1
  1239. package/assets/llvm-C5uGkJFM.js +0 -1
  1240. package/assets/log-ClfVLSxk.js +0 -1
  1241. package/assets/lolcode-D1tQ-v_i.js +0 -1
  1242. package/assets/lua-BsJoX6Ep.js +0 -1
  1243. package/assets/lua-DER4jxlW.js +0 -1
  1244. package/assets/lua-DLZgaSX1.js +0 -6
  1245. package/assets/m3-CLtYU2dl.js +0 -6
  1246. package/assets/magma-fNoNeIcf.js +0 -1
  1247. package/assets/makefile-B_SRsjlq.js +0 -1
  1248. package/assets/markdown-7fQo6M4U.js +0 -6
  1249. package/assets/markdown-mUAGnld7.js +0 -1
  1250. package/assets/markup-BONeskWm.js +0 -1
  1251. package/assets/markup-BuqVoeXR.js +0 -1
  1252. package/assets/markup-templating-BxAVv-bL.js +0 -1
  1253. package/assets/markup-templating-DU1K9_L8.js +0 -1
  1254. package/assets/matlab-D-TP_4M6.js +0 -1
  1255. package/assets/maxscript-BufcWGly.js +0 -1
  1256. package/assets/mdx-D5QtPHo7.js +0 -6
  1257. package/assets/mel-BiL0mMX7.js +0 -1
  1258. package/assets/mermaid-C6ZJwRbK.js +0 -1
  1259. package/assets/mermaid-parser.core-B8tr8YAl.js +0 -129
  1260. package/assets/min-DlmeNnOM.js +0 -1
  1261. package/assets/mindmap-definition-LNHGMQRG-BzbXC-47.js +0 -95
  1262. package/assets/mips-DcG9r2vI.js +0 -6
  1263. package/assets/mizar-CTg9VBxB.js +0 -1
  1264. package/assets/mongodb-DZIW47b_.js +0 -1
  1265. package/assets/monkey-OTcCeVas.js +0 -1
  1266. package/assets/moonscript-B9q5jFPJ.js +0 -1
  1267. package/assets/msdax-DN__iVzl.js +0 -6
  1268. package/assets/mysql-05d2lfAy.js +0 -6
  1269. package/assets/n1ql-zxH7u8ek.js +0 -1
  1270. package/assets/n4js-DxH8puYd.js +0 -1
  1271. package/assets/nand2tetris-hdl-Y9CaATwQ.js +0 -1
  1272. package/assets/naniscript-fj11wz4c.js +0 -1
  1273. package/assets/nasm-CmwjTodA.js +0 -1
  1274. package/assets/neon-DM1vXAju.js +0 -1
  1275. package/assets/nevod-awEjSQiN.js +0 -1
  1276. package/assets/nginx-CtMkRQkZ.js +0 -1
  1277. package/assets/nim-BpvUfA3V.js +0 -1
  1278. package/assets/nix-L30ZSyVO.js +0 -1
  1279. package/assets/nsis-B-wYmCZG.js +0 -1
  1280. package/assets/objective-c-B_h_kxCB.js +0 -6
  1281. package/assets/objectivec-DqmvSFQo.js +0 -1
  1282. package/assets/ocaml-DxsXmoff.js +0 -1
  1283. package/assets/opencl-DE2DwDDh.js +0 -1
  1284. package/assets/openqasm-B_Z2Pbfo.js +0 -1
  1285. package/assets/ordinal-Cboi1Yqb.js +0 -1
  1286. package/assets/oz-BsEvVihN.js +0 -1
  1287. package/assets/packet-HUATNLJX-DZEv4qIp.js +0 -1
  1288. package/assets/parigp-Cb59kgzM.js +0 -1
  1289. package/assets/parser-BPfu9fvJ.js +0 -1
  1290. package/assets/pascal-B60lAKfe.js +0 -1
  1291. package/assets/pascal-Bc-8SB3K.js +0 -6
  1292. package/assets/pascaligo-Dcwo06z5.js +0 -6
  1293. package/assets/pascaligo-jljTdZcp.js +0 -1
  1294. package/assets/pcaxis-D5-ZKbf-.js +0 -1
  1295. package/assets/peoplecode-CHa_iagU.js +0 -1
  1296. package/assets/perl-BnGpdHsN.js +0 -6
  1297. package/assets/perl-k-uTMlyD.js +0 -1
  1298. package/assets/pgsql-DfVleuq_.js +0 -6
  1299. package/assets/php-CH5O-_gG.js +0 -6
  1300. package/assets/php-DkI131Jd.js +0 -1
  1301. package/assets/php-extras-DwKASBiR.js +0 -1
  1302. package/assets/php-iTdQntIy.js +0 -1
  1303. package/assets/phpdoc-U7fWPc6E.js +0 -1
  1304. package/assets/pie-WTHONI2E-7OIW4qVI.js +0 -1
  1305. package/assets/pieDiagram-DBDJKBY4-C_nsodWG.js +0 -30
  1306. package/assets/pla-BUVXxyGx.js +0 -6
  1307. package/assets/plsql-vgmv1Vi6.js +0 -1
  1308. package/assets/postiats-DSt55phJ.js +0 -6
  1309. package/assets/powerquery-2KNS9mh4.js +0 -6
  1310. package/assets/powerquery-DmK9Euuu.js +0 -1
  1311. package/assets/powershell-CCS0rx-A.js +0 -6
  1312. package/assets/powershell-CKXrQp96.js +0 -1
  1313. package/assets/processing-B5NyV_CO.js +0 -1
  1314. package/assets/prolog-BWIt2B_6.js +0 -1
  1315. package/assets/promql-B_QoDoXl.js +0 -1
  1316. package/assets/properties-DaR4F6tG.js +0 -1
  1317. package/assets/protobuf-5lyCd6Ku.js +0 -7
  1318. package/assets/protobuf-D5QPKMFw.js +0 -1
  1319. package/assets/psl-D6wB8sa6.js +0 -1
  1320. package/assets/pug-Df1YS9qd.js +0 -1
  1321. package/assets/pug-Dg4O54Js.js +0 -6
  1322. package/assets/puppet-BO-UEy3J.js +0 -1
  1323. package/assets/pure-_uKvBHAQ.js +0 -1
  1324. package/assets/purebasic-B4ULSQZE.js +0 -1
  1325. package/assets/purescript-BZ-uz2lE.js +0 -1
  1326. package/assets/python-B85Wtz1L.js +0 -1
  1327. package/assets/python-D7SSynp9.js +0 -6
  1328. package/assets/q-vO-s84n9.js +0 -1
  1329. package/assets/qml-kaZ2gDT3.js +0 -1
  1330. package/assets/qore-DVq2LQeL.js +0 -1
  1331. package/assets/qsharp-BHSA_OC9.js +0 -6
  1332. package/assets/qsharp-Bf2rFqlm.js +0 -1
  1333. package/assets/quadrantDiagram-YPSRARAO-DApXzXyD.js +0 -7
  1334. package/assets/r-DBvxNhD8.js +0 -6
  1335. package/assets/r-DeLDWJTd.js +0 -1
  1336. package/assets/racket-BcNKcbHA.js +0 -1
  1337. package/assets/radar-NJJJXTRR-DTGUp5A0.js +0 -1
  1338. package/assets/razor-BGJSc0Tr.js +0 -6
  1339. package/assets/reason-DgdS1e1I.js +0 -1
  1340. package/assets/redis-mBNZiS5I.js +0 -6
  1341. package/assets/redshift-gtd9hS2x.js +0 -6
  1342. package/assets/reduce-BgTPaPsL.js +0 -1
  1343. package/assets/regex-CIYZLC96.js +0 -1
  1344. package/assets/rego-DCo8FQR5.js +0 -1
  1345. package/assets/renpy-BUspwmyO.js +0 -1
  1346. package/assets/requirementDiagram-EGVEC5DT-u3Jr1c40.js +0 -64
  1347. package/assets/rest-CdGjvoQ8.js +0 -1
  1348. package/assets/restructuredtext-45Xf76JB.js +0 -6
  1349. package/assets/rip-C0zBlfI9.js +0 -1
  1350. package/assets/roboconf-CtH-vuuD.js +0 -1
  1351. package/assets/robotframework-B2sSQjjW.js +0 -1
  1352. package/assets/roboto-cyrillic-400-normal-C5q4FMUG.woff +0 -0
  1353. package/assets/roboto-cyrillic-400-normal-DAIM1_dR.woff2 +0 -0
  1354. package/assets/roboto-cyrillic-ext-400-normal-5IDvadIC.woff +0 -0
  1355. package/assets/roboto-cyrillic-ext-400-normal-DzMWdK87.woff2 +0 -0
  1356. package/assets/roboto-greek-400-normal-DwVopRQH.woff +0 -0
  1357. package/assets/roboto-greek-400-normal-jFM2czAU.woff2 +0 -0
  1358. package/assets/roboto-latin-400-normal-BX2H0A0_.woff +0 -0
  1359. package/assets/roboto-latin-400-normal-CNwBRw8h.woff2 +0 -0
  1360. package/assets/roboto-latin-ext-400-normal-BG57dRWO.woff +0 -0
  1361. package/assets/roboto-latin-ext-400-normal-ZYmyxeOy.woff2 +0 -0
  1362. package/assets/roboto-math-400-normal-B3wgz80t.woff2 +0 -0
  1363. package/assets/roboto-math-400-normal-BRMeFL5Z.woff +0 -0
  1364. package/assets/roboto-symbols-400-normal-B2LMqLB2.woff +0 -0
  1365. package/assets/roboto-symbols-400-normal-fF1SLJBj.woff2 +0 -0
  1366. package/assets/roboto-vietnamese-400-normal-BYP5tVVv.woff +0 -0
  1367. package/assets/roboto-vietnamese-400-normal-CDDxGrUb.woff2 +0 -0
  1368. package/assets/ruby-B2ODcCrN.js +0 -1
  1369. package/assets/ruby-CEgcCkh9.js +0 -6
  1370. package/assets/ruby-DYsn9XfW.js +0 -1
  1371. package/assets/rust-BChN5uNh.js +0 -6
  1372. package/assets/rust-BVonVJBT.js +0 -1
  1373. package/assets/sankeyDiagram-HRAUVNP4-CFVhGSiA.js +0 -10
  1374. package/assets/sas-C51qgIML.js +0 -1
  1375. package/assets/sass-aSk38cgu.js +0 -1
  1376. package/assets/sb-5vPrUWN-.js +0 -6
  1377. package/assets/scala-BQOorN7X.js +0 -6
  1378. package/assets/scala-CHGF8rj2.js +0 -1
  1379. package/assets/scheme-Cscf027c.js +0 -1
  1380. package/assets/scheme-DkJ87xtR.js +0 -6
  1381. package/assets/scheme-DtBnt09V.js +0 -1
  1382. package/assets/scss-CpPOP9XS.js +0 -8
  1383. package/assets/scss-CwFwUKHz.js +0 -1
  1384. package/assets/sequenceDiagram-WFGC7UMF-2hkaJ4an.js +0 -122
  1385. package/assets/shell-BHhUv290.js +0 -6
  1386. package/assets/shell-session-B1lsY4lP.js +0 -1
  1387. package/assets/smali-DoC35MXt.js +0 -1
  1388. package/assets/smalltalk-DC7K9Zjc.js +0 -1
  1389. package/assets/smarty-Dya8aFU7.js +0 -1
  1390. package/assets/sml-BAkRAbsh.js +0 -1
  1391. package/assets/solidity-BFcLIl1x.js +0 -6
  1392. package/assets/solidity-DzvaOMP9.js +0 -1
  1393. package/assets/solution-file-Bmez1lHa.js +0 -1
  1394. package/assets/sophia-z0tjJxhY.js +0 -6
  1395. package/assets/soy-YLTPfz3s.js +0 -1
  1396. package/assets/sparql-BTJymgeb.js +0 -6
  1397. package/assets/sparql-Dune-Ey0.js +0 -1
  1398. package/assets/splunk-spl-BBCP9G49.js +0 -1
  1399. package/assets/sqf-CXQAyqIQ.js +0 -1
  1400. package/assets/sql-02c4jPTl.js +0 -1
  1401. package/assets/sql-BFyYaP5s.js +0 -6
  1402. package/assets/sql-CJATM1Qp.js +0 -1
  1403. package/assets/squirrel-C0xvhdrs.js +0 -1
  1404. package/assets/st-DZS1F9ME.js +0 -6
  1405. package/assets/stan-B1JCuN-c.js +0 -1
  1406. package/assets/stateDiagram-UUKSUZ4H-wJehzXeN.js +0 -1
  1407. package/assets/stateDiagram-v2-EYPG3UTE-BSNhmMZe.js +0 -1
  1408. package/assets/stylus-r331_ig_.js +0 -1
  1409. package/assets/swift-B9J5Xueq.js +0 -1
  1410. package/assets/swift-BwlyOzQq.js +0 -8
  1411. package/assets/systemd-XWCGy8Ob.js +0 -2
  1412. package/assets/systemverilog-DJsb8r0W.js +0 -6
  1413. package/assets/t4-cs-Dc98chgs.js +0 -1
  1414. package/assets/t4-templating-B5EzSFYT.js +0 -1
  1415. package/assets/t4-templating-BvTJ1ev3.js +0 -1
  1416. package/assets/t4-vb-BZfdBq4p.js +0 -1
  1417. package/assets/tap-DhlZD9D0.js +0 -1
  1418. package/assets/tcl-CjHYkh5E.js +0 -6
  1419. package/assets/tcl-CuPFotZK.js +0 -1
  1420. package/assets/textile-BXq80H_I.js +0 -1
  1421. package/assets/timeline-definition-3HZDQTIS-DGZYlLIL.js +0 -61
  1422. package/assets/toml-B5y3O0-s.js +0 -1
  1423. package/assets/treemap-75Q7IDZK-BBJN3GI7.js +0 -1
  1424. package/assets/tremor-C9Ysgl4-.js +0 -1
  1425. package/assets/tsMode-BVMxS71B.js +0 -16
  1426. package/assets/tsx-CLBH7tR4.js +0 -1
  1427. package/assets/tt2-FoOwDDSs.js +0 -1
  1428. package/assets/turtle-BK5vaG_v.js +0 -1
  1429. package/assets/turtle-Ro1R6Je7.js +0 -1
  1430. package/assets/twig-CmYTg8Iu.js +0 -6
  1431. package/assets/twig-Csv3LkDK.js +0 -1
  1432. package/assets/typescript-0ftPtREK.js +0 -6
  1433. package/assets/typescript-CVO-8GEc.js +0 -1
  1434. package/assets/typescript-DVbMPcDB.js +0 -1
  1435. package/assets/typespec-Dwv00aWl.js +0 -6
  1436. package/assets/typoscript-0nvYot7S.js +0 -1
  1437. package/assets/unrealscript-LwNoQ3hK.js +0 -1
  1438. package/assets/uorazor-Cwh8UkUY.js +0 -1
  1439. package/assets/uri-DshCX7s1.js +0 -1
  1440. package/assets/v-COh0hg4M.js +0 -1
  1441. package/assets/vala-DgFyuUwt.js +0 -1
  1442. package/assets/vb-BjPEumh4.js +0 -6
  1443. package/assets/vbnet-BhrUc4aD.js +0 -1
  1444. package/assets/vbnet-Wk_aEgDi.js +0 -1
  1445. package/assets/velocity-DFFugm2u.js +0 -1
  1446. package/assets/verilog-BKx734nL.js +0 -1
  1447. package/assets/vhdl-Cp7FcdJo.js +0 -1
  1448. package/assets/vim-CnU0V9TN.js +0 -1
  1449. package/assets/visual-basic-hpwCRIX4.js +0 -1
  1450. package/assets/warpscript-BGP6IruP.js +0 -1
  1451. package/assets/wasm-CZNW1nwO.js +0 -1
  1452. package/assets/web-idl-BPOBeez0.js +0 -1
  1453. package/assets/wgsl-Bp8RP3jd.js +0 -303
  1454. package/assets/wiki-CJ3thIMw.js +0 -1
  1455. package/assets/wolfram-DKnA8Se6.js +0 -1
  1456. package/assets/wren-CqsJ3mfc.js +0 -1
  1457. package/assets/xeora-DMp8mBB8.js +0 -1
  1458. package/assets/xml-Bac-zZiz.js +0 -6
  1459. package/assets/xml-doc-Vd4sAKdf.js +0 -1
  1460. package/assets/xojo-UInKc1K-.js +0 -1
  1461. package/assets/xquery-rmywbRjN.js +0 -1
  1462. package/assets/xychartDiagram-FDP5SA34-BvJlNneq.js +0 -7
  1463. package/assets/yaml-BxI0F9PE.js +0 -6
  1464. package/assets/yaml-D9S3dJfe.js +0 -1
  1465. package/assets/yaml-pHjxJgpq.js +0 -1
  1466. package/assets/yang-C4BJM-5B.js +0 -1
  1467. package/assets/zig-BT9rKyM0.js +0 -1
  1468. package/index.html +0 -24
package/hit-CQYBTSKb.js ADDED
@@ -0,0 +1,7 @@
1
+ const GET = /* @__PURE__ */ JSON.parse('{"7dxHCat0Y2Sj48qyU7ZkVV":{"timestamp":"2023-02-11T15:10:31.585826Z","labels":{"key_a":"market","key_b":"about","key_c":"working","key_d":"innovative","key_e":"stays"},"tags":["supports","key"],"howler":{"id":"7dxHCat0Y2Sj48qyU7ZkVV","analytic":"cmt.aws.sigma.rules","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Execution","hash":"673c3fe4016724cc6065fa77e0cf6e3b03483c5332b7ac636b4e12727faa7d3a","related":["feedback","promote"],"reliability":4023.15,"severity":1095,"volume":1431.33,"confidence":217.5,"score":3507.96,"status":"open","scrutiny":"unseen","escalation":"alert","assessment":null,"comment":[{"id":"5chtJGVvt5SpMI7YH6PibQ","timestamp":"2023-02-23T23:51:24.586009Z","modified":"2023-02-18T00:26:32.586013Z","value":"Every citizen of Canada has the right to vote in an election of members of the House of Commons or of a legislative assembly and to be qualified for membership therein.","user":"shawnh"},{"id":"2ICyBck5sJhX2GWLuLMFhw","timestamp":"2023-02-28T10:14:44.586042Z","modified":"2023-02-13T03:27:35.586046Z","value":"Freedom of peaceful assembly.","user":"user"},{"id":"1oecBC2XdJPy9gU5RjGqVU","timestamp":"2023-03-06T09:33:38.586071Z","modified":"2023-02-07T02:44:04.586074Z","value":"An Act or a provision of an Act in respect of which a declaration made under this section is in effect shall have such operation as it would have but for the provision of this Charter referred to in the declaration.","user":"admin"},{"modified":"2023-03-10T14:54:58.568185Z","id":"suIQmiBNGqGLN1wJm7Tz9","value":"test","user":"shawnh","timestamp":"2023-03-10T14:54:58.568131Z"},{"modified":"2023-03-10T14:55:38.828305Z","id":"3qfxsmnnQ7nwfa3chGHJXk","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:38.828153Z"},{"modified":"2023-03-10T15:11:44.521613Z","id":"4gdhqWCC5IkZCvKydcEKAW","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:44.521467Z"},{"modified":"2023-03-10T15:12:30.280186Z","id":"GHcqEYuyDyrtgsA0lsfFH","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:30.280140Z"},{"modified":"2023-03-10T15:13:00.808445Z","id":"1N9ziJSk3GGSrjNRsYCYXO","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:00.808394Z"},{"modified":"2023-03-10T15:13:24.518926Z","id":"XbfzKjWpUPaU450qPIEY1","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:24.518860Z"},{"modified":"2023-03-10T15:14:19.925379Z","id":"6cnxbwh7JPKMQYZ1h3alHn","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:19.925302Z"},{"modified":"2023-03-10T15:14:46.595319Z","id":"33u5eX48Inmh6hAjXioPX1","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:46.595271Z"},{"modified":"2023-03-10T15:19:06.354808Z","id":"Z7lJrPnstvFSkXZRCZp8E","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:06.354715Z"},{"modified":"2023-03-10T15:19:58.690628Z","id":"3P0npMd11CQoFVdd8ljxad","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:58.690345Z"},{"modified":"2023-03-10T15:21:37.333916Z","id":"1O8ca4xJ6GRcLwUFNnTCZJ","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:37.333849Z"},{"modified":"2023-03-10T15:23:11.809085Z","id":"DJfkVwztADJk8uYYYC5wp","value":"test","user":"shawnh","timestamp":"2023-03-10T15:23:11.809008Z"},{"modified":"2023-03-10T15:26:25.858439Z","id":"7bz3s7814AeqAq3Wg2vNOb","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:25.858379Z"},{"modified":"2023-03-10T15:30:58.874037Z","id":"1XtAoLzvgeFtgIn2bcNah6","value":"test","user":"shawnh","timestamp":"2023-03-10T15:30:58.873985Z"},{"modified":"2023-03-10T15:34:13.371190Z","id":"3vo0M79R4i1YQKkZBhWRM6","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:13.371031Z"},{"modified":"2023-03-10T15:40:24.300881Z","id":"1NE89oXvwD1kOZ0wDLz34g","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:24.300830Z"}],"log":[{"timestamp":"2023-02-13T22:53:18.586084Z","key":"product","explanation":"To have the validity of the detention determined by way of habeas corpus and to be released if the detention is not lawful.","new_value":"constantly","type":"set","previous_value":"For","user":"user"},{"timestamp":"2023-03-05T21:52:44.586107Z","key":"engaging","explanation":"English and French linguistic communities in New Brunswick.","new_value":"new","type":"set","previous_value":"sizes","user":"user"},{"timestamp":"2023-03-03T13:35:00.586127Z","key":"other","explanation":"To be tried within a reasonable time.","new_value":"website","type":"removed","previous_value":"government","user":"user"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"suIQmiBNGqGLN1wJm7Tz9\\", \\"timestamp\\": \\"2023-03-10T14:54:58.568131Z\\", \\"modified\\": \\"2023-03-10T14:54:58.568185Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:54:58.663984Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3qfxsmnnQ7nwfa3chGHJXk\\", \\"timestamp\\": \\"2023-03-10T14:55:38.828153Z\\", \\"modified\\": \\"2023-03-10T14:55:38.828305Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:38.958546Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4gdhqWCC5IkZCvKydcEKAW\\", \\"timestamp\\": \\"2023-03-10T15:11:44.521467Z\\", \\"modified\\": \\"2023-03-10T15:11:44.521613Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:44.606229Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"GHcqEYuyDyrtgsA0lsfFH\\", \\"timestamp\\": \\"2023-03-10T15:12:30.280140Z\\", \\"modified\\": \\"2023-03-10T15:12:30.280186Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:30.381073Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1N9ziJSk3GGSrjNRsYCYXO\\", \\"timestamp\\": \\"2023-03-10T15:13:00.808394Z\\", \\"modified\\": \\"2023-03-10T15:13:00.808445Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:00.901349Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"XbfzKjWpUPaU450qPIEY1\\", \\"timestamp\\": \\"2023-03-10T15:13:24.518860Z\\", \\"modified\\": \\"2023-03-10T15:13:24.518926Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:24.638184Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6cnxbwh7JPKMQYZ1h3alHn\\", \\"timestamp\\": \\"2023-03-10T15:14:19.925302Z\\", \\"modified\\": \\"2023-03-10T15:14:19.925379Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:20.039510Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"33u5eX48Inmh6hAjXioPX1\\", \\"timestamp\\": \\"2023-03-10T15:14:46.595271Z\\", \\"modified\\": \\"2023-03-10T15:14:46.595319Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:46.707664Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"Z7lJrPnstvFSkXZRCZp8E\\", \\"timestamp\\": \\"2023-03-10T15:19:06.354715Z\\", \\"modified\\": \\"2023-03-10T15:19:06.354808Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:06.503648Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3P0npMd11CQoFVdd8ljxad\\", \\"timestamp\\": \\"2023-03-10T15:19:58.690345Z\\", \\"modified\\": \\"2023-03-10T15:19:58.690628Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:58.905445Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1O8ca4xJ6GRcLwUFNnTCZJ\\", \\"timestamp\\": \\"2023-03-10T15:21:37.333849Z\\", \\"modified\\": \\"2023-03-10T15:21:37.333916Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:37.465007Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"DJfkVwztADJk8uYYYC5wp\\", \\"timestamp\\": \\"2023-03-10T15:23:11.809008Z\\", \\"modified\\": \\"2023-03-10T15:23:11.809085Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:23:11.939417Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7bz3s7814AeqAq3Wg2vNOb\\", \\"timestamp\\": \\"2023-03-10T15:26:25.858379Z\\", \\"modified\\": \\"2023-03-10T15:26:25.858439Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:25.974440Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1XtAoLzvgeFtgIn2bcNah6\\", \\"timestamp\\": \\"2023-03-10T15:30:58.873985Z\\", \\"modified\\": \\"2023-03-10T15:30:58.874037Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:30:58.982996Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3vo0M79R4i1YQKkZBhWRM6\\", \\"timestamp\\": \\"2023-03-10T15:34:13.371031Z\\", \\"modified\\": \\"2023-03-10T15:34:13.371190Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:13.471927Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1NE89oXvwD1kOZ0wDLz34g\\", \\"timestamp\\": \\"2023-03-10T15:40:24.300830Z\\", \\"modified\\": \\"2023-03-10T15:40:24.300881Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:24.381655Z"}],"retained":"potential","monitored":"participating","reported":"Centre","mitigated":"certain","outline":{"threat":"182.96.34.194","target":"examine.com","indicators":["key.gif","from_examine_role.pdf","feedback.exe","provide_innovation.gif","but_bringing.gif","security_experts_on.xls","innovative_them_working.gif","edge.ppt","innovations_experts_commercial.ppt","market_an.exe","technical_on_stays.exe","transition_by_innovations.pdf","innovation_with.jpg","are_stays.xls","program_support.pdf"],"summary":"There shall be a sitting of Parliament and of each legislature at least once every twelve months."},"labels":{"assignments":["ACE1C"],"generic":["Documentation"]},"votes":{"benign":["evaluate","survey","BCIP"],"obscure":["Program","art","levels"],"malicious":["open","vendors"]},"dossier":{"key_a":"71","key_b":"[\\"government\\", \\"enhanced\\", \\"determine\\"]"}},"assemblyline":{"antivirus":[{"type":"technologies","subtype":"edge","value":"innovations","verdict":"safe"},{"type":"about","subtype":"bringing","value":"provide","verdict":"safe"},{"type":"do","subtype":"other","value":"partners","verdict":"info"},{"type":"technology","subtype":"their","value":"our","verdict":"suspicious"}],"attribution":[{"type":"Government","subtype":"new","value":"this","verdict":"malicious"}],"behaviour":[{"type":"emerging","subtype":"certain","value":"Government","verdict":"safe"},{"type":"our","subtype":"support","value":"order","verdict":"info"}],"domain":[{"type":"feedback","subtype":"innovation","value":"Canada","verdict":"market"},{"type":"goods","subtype":"BCIP","value":"technology","verdict":"technical"},{"type":"academia","subtype":"role","value":"is","verdict":"Innovation"},{"type":"laboratory","subtype":"them","value":"potential","verdict":"potential"}],"heuristic":[{"type":"engaging","subtype":"technology","value":"One","verdict":"malicious"},{"type":"partners","subtype":"state","value":"key","verdict":"safe"},{"type":"to","subtype":"product","value":"examine","verdict":"suspicious"},{"type":"across","subtype":"them","value":"collaborating","verdict":"info"}],"mitre":{"tactic":[{"type":"government","subtype":"Government","value":"invite","verdict":"malicious"},{"type":"marketplace","subtype":"open","value":"country","verdict":"safe"},{"type":"edge","subtype":"stays","value":"laboratory","verdict":"safe"},{"type":"constantly","subtype":"laboratory","value":"laboratory","verdict":"safe"}],"technique":[{"type":"them","subtype":"them","value":"improve","verdict":"safe"}]},"uri":[{"type":"One","subtype":"innovation","value":"stays","verdict":"supports"},{"type":"environment","subtype":"innovations","value":"We","verdict":"testing"},{"type":"We","subtype":"technology","value":"do","verdict":"programs"},{"type":"is","subtype":"cutting","value":"services","verdict":"by"}],"yara":[{"type":"helps","subtype":"We","value":"determine","verdict":"info"}]},"agent":{"id":"Canada","name":"assist.ppt","type":"programs","version":"7.1.1"},"cbs":{"sharepoint":{"created":{"application":"We","user":"Example User"},"modified":{"application":"C:\\\\Applications\\\\word.exe","user":"Example User"}}},"cloud":{"account":{"id":"example.user@example.com","name":"Example User"},"availability_zone":"marketplace","instance":{"id":"potential","name":"levels_us_of.exe"},"machine":{"type":"certain"},"project":{"id":"goods","name":"innovations_program.ppt"},"provider":"cutting","region":"also","service":{"name":"Google Drive"},"tenant_id":"4v4bQz86eAhL7Nq4zqeO9c"},"container":{"id":"examine","image":{"hash":{"all":["partners","enhanced"]},"name":"enhanced.jpg","tag":["transition","more","emerging"]},"labels":{"key_a":"partners","key_b":"innovations","key_c":"laboratory"},"name":"role_other.pdf","runtime":"Canada"},"destination":{"address":"determine","bytes":1963,"domain":"defence.ca","geo":{"city_name":"this_is.ppt","continent_code":"One","continent_name":"innovative.lnk","country_iso_code":"art","country_name":"across_stays.exe","location":{"lon":2186.58,"lat":1806.77},"name":"marketplace.gif","postal_code":"industry","region_iso_code":"in","region_name":"engaging_tools_services.doc","timezone":"support"},"ip":"184.247.66.162","mac":"d6:0f:50:6c:41:2a","nat":{"ip":"222.70.26.48","port":1468},"packets":1111,"port":2673},"dns":{"answers":[{"class":"from","data":"certain","name":"other_enhanced_defence.jpg","ttl":2516,"type":"government"},{"class":"cyber","data":"Program","name":"learn_support.xls","ttl":2417,"type":"tools"},{"class":"feedback","data":"potential","name":"tools_partners_with.ppt","ttl":1336,"type":"open"}],"header_flags":["enhanced","market"],"id":"also","op_code":"supports","question":{"class":"One","name":"performs_program.doc","registered_domain":"problems.ca","subdomain":"all.ca","top_level_domain":"support.ca","type":"edge"},"resolved_ip":["1.146.118.69","207.169.241.53","78.37.203.120","67.244.148.36"],"response_code":"engaging","type":"about"},"ecs":{"version":"4.5.4"},"error":{"code":"40098","message":"You need to authenticate using two-factor authentication."},"event":{"action":"A user did a bad thing","category":["configuration"],"code":"determine","created":"2023-03-10T03:05:15.587028Z","dataset":"industry","duration":1002,"end":"2023-03-09T02:36:54.587041Z","hash":"with","id":"7dxHCat0Y2Sj48qyU7ZkVV","ingested":"2023-02-19T05:57:28.587051Z","kind":"enrichment","module":"but","original":"is","outcome":"success","provider":"HBS","reason":"sizes","reference":"this","risk_score":3554.66,"risk_score_norm":1937.13,"sequence":1706,"severity":2226,"start":"2023-02-23T13:04:03.587084Z","timezone":"academia","type":["denied"],"url":"feedback"},"email":{"attachments":[{"file":{"extension":"key","hash":{"md5":"1c3cb0489d60fb885f2afb2978a62ad1","sha1":"bc014635194c677067defdfbe13f5fcc21f0c403","sha256":"53e628e7e58e5b1ced8da31d29e6e3bf42ba10321f70f48ad732597933c41497","sha384":"8516e8c20d88795a5c34f0e16ecd85ed2ca3ca2565bcdffa70d6e5fb1fdb75f1e71d378d571ebddcede408fee12a7365","sha512":"3a8b57627b4c6878489bc7c1d23b3c05dbcc93c03fa66436dffd0a7bdd82ff1e939f437661750abbaedae9583199625d629982c787105a59b3c2f26f327375e6","ssdeep":"67187:ZQ4D9MeYQGc513A9gjedebwk4tlos2xrlIhbR8UJ6dT9z7x6JkNNzgSsXlZos:qjAlaVQaj2ezeuFlgLj5Rhe2cSXyzfeoNyyFXPtyi0egLlptqtd1A0Mf07OF","tlsh":"bringing"},"mime_type":"One","name":"we_learn.gif","size":1976}},{"file":{"extension":"provide","hash":{"md5":"98ccfac736649a9bb381c8edde65784e","sha1":"5db6fd6b9a9058577d097d870436689e91c0a5eb","sha256":"63ce2fe032d55676ab7de8b3fe35c52ed4d94042af5759f89612aadf2020b510","sha384":"66d5c8b632825759a2533a8fa836463655f91c5170365957e0699fce974bc2aa454dfbaee1f69bcfcf0975e1e03ddb44","sha512":"a4ff74b242439f1418ba2eec7242f1dde69d5a1c849e8cb5fc5ebec23cc5114ce01171e24153e07b2d16ac0ba5dc3422b0fc8a60a1c151fc66d9bcb5525e26cb","ssdeep":"34855:2nScrddGwKoB6zcoMZCCVVVMcZjZaG5oFOQ2rjZX85UEI4DXHGiZ6iHuPcN:bnOnZyk3naXkkdJxA7Evx3jNZwuBKKPU2FUP9TXOP9nU8JNmTAa","tlsh":"more"},"mime_type":"We","name":"laboratory.doc","size":2482}},{"file":{"extension":"this","hash":{"md5":"cba0c5d00c1b98ac8d3827d21d926e28","sha1":"28b98dde3dfbf11c25bfbefaaccfaf68e18e89c0","sha256":"73f585cec42149001b441e70eddbe9a7651375dd67011afdd6cef2f4c7f1e831","sha384":"d9c5ce74c27fc7b13a305528e077c2508eeec7abb9f789b4a19627b25f2a73672c481770ff37acc99aee223566d4cf09","sha512":"ea13e195e36b6da62b1370db9682f0b2420fe96205ce310d8ac372957feda6dd2deb2f5438213ff6600e5c7a2af3df56fc556a68d769c3be16c5ea471753eae9","ssdeep":"12753:LJOAIid1rFytPFEkPX9VIAcJ0020p:UEB1hwrflv7HZtRQhzBuzDnGqUSFKKIf9","tlsh":"For"},"mime_type":"Centre","name":"art_private.jpg","size":1429}}],"bcc":{"address":"examine@work.com"},"cc":{"address":"cyber@constantly.ca"},"content_type":"sizes","delivery_timestamp":"2023-03-08T11:30:30.587708Z","direction":"the","from":{"address":"enhanced@stays.edu"},"local_id":"5BVMWYgA1GVlboFIASItfA","message_id":"u5a4pI3CaorEt01TqHa7m","origination_timestamp":"2023-02-22T16:22:46.587765Z","reply_to":{"address":"transition@website.ca"},"sender":{"address":"vendors@development.edu"},"subject":"stays","to":{"address":"assist@enhanced.edu"},"x_mailer":"Build","parent":{"bcc":{"address":"tools@state.biz"},"cc":{"address":"commercial@technical.ca"},"from":{"address":"defence@transition.ca"},"message_id":"4FwCNanNqQcpUEEha8F6Cw","origination_timestamp":"2023-02-10T09:55:58.587821Z","subject":"potential","to":{"address":"goods@in.edu"},"source":"126.122.40.98","destination":"193.246.98.188"}},"faas":{"coldstart":true,"execution":"are","id":"their","name":"our_academia_stays.pdf","trigger":{"request_id":"1jEMdatp5rf8fnZHTUFDWj","type":"datasource"},"version":"6.0.0"},"file":{"accessed":"2023-02-11T05:25:08.587893Z","attributes":["to","Canadian"],"created":"2023-02-13T09:02:19.587906Z","ctime":"2023-02-17T09:09:57.587909Z","device":"performs","directory":"the/work","drive_letter":"academia","extension":"Centre","fork_name":"environment_canadian.jpg","gid":"us","group":"USERS","inode":"across.com","mime_type":"other","mode":"new","mtime":"2023-02-06T17:31:59.587951Z","name":"companies.jpg","owner":"vendors","path":"C:\\\\Users\\\\user\\\\Documents\\\\Bad_File.exe","size":3386,"target_path":"cyber","type":"file","uid":"improve","code_signature":{"digest_algorithm":"md5","exists":false,"signing_id":"45lFRXdWwFtZwWZawkyiJM","status":"key","subject_name":"market_innovation.jpg","team_id":"5WU89YSkIxnp1MZ1y4INGq","timestamp":"2023-02-28T23:12:16.588030Z","trusted":true,"valid":false},"elf":{"architecture":"academia","byte_order":"private","cpu_type":"commercial","creation_date":"visit","exports":["innovation","To"],"header":{"abi_version":"7.3.4","class":"state","data":"companies","entrypoint":2552,"object_version":"7.4.9","os_abi":"bringing","type":"security","version":"4.3.9"},"imports":["commercial","about"],"sections":[{"chi2":2970,"entropy":1580,"flags":"by","name":"innovation_we.xls","physical_offset":"BCIP","physical_size":1801,"type":"marketplace","virtual_address":1579,"virtual_size":307},{"chi2":2593,"entropy":1251,"flags":"marketplace","name":"partners.doc","physical_offset":"selling","physical_size":3113,"type":"partners","virtual_address":2405,"virtual_size":2552},{"chi2":3949,"entropy":3684,"flags":"partnerships","name":"technical.pdf","physical_offset":"security","physical_size":2415,"type":"For","virtual_address":3860,"virtual_size":3478}],"segments":[{"chi2":3691,"entropy":3241,"flags":"promote","name":"selling_centre.xls","physical_offset":"learn","physical_size":2061,"type":"participating","virtual_address":706,"virtual_size":3409},{"chi2":1465,"entropy":1631,"flags":"improve","name":"security.lnk","physical_offset":"constantly","physical_size":1379,"type":"services","virtual_address":1582,"virtual_size":3472},{"chi2":3532,"entropy":3800,"flags":"open","name":"learn_for.exe","physical_offset":"partnerships","physical_size":852,"type":"in","virtual_address":1759,"virtual_size":399},{"chi2":3093,"entropy":1323,"flags":"state","name":"constantly.lnk","physical_offset":"performs","physical_size":3629,"type":"determine","virtual_address":1948,"virtual_size":3266}],"shared_libraries":["innovative"],"telfhash":"stays"},"hash":{"md5":"5151d101e2371454aece662c4eb60e2f","sha1":"2a888a537e74bb699a24fc7af9e7b82967bc1e48","sha256":"88ba096408ff5b6f34ca7adb77e579f0c0cb06acdf360b6b271b9c7757058683","sha384":"90c42af3ab39d737a8a53ff387e6bccc6874222901a96b32d01603d38a3a4ab47e1e0b342e5ea29580cebebfca372959","sha512":"6f993993c9e54f0e8067a50928a9ad305d0f3ff8671ef859e3667305d45b985c1745ddb1c9fb409c5f746e3252e2221a6d5c3c49dc8a2b01da03a1d1c3eecfc1","ssdeep":"2865:7MSNbCe0J9wfe8lYj2X0vYPgMaBrPTgzSMN:vS2vhvx8bo4QNbRnUe6fjBu6yerw5kfGJRpgcH3q7Xgzrhn5R","tlsh":"innovative"},"pe":{"architecture":"provide","company":"transition","description":"product","file_version":"security_our_with.exe","imphash":"website","original_file_name":"to_the_constantly.doc","pehash":"innovation","product":"Government"}},"group":{"domain":"this.com","id":"promote","name":"government_potential.lnk"},"host":{"id":"services","ip":["81.193.199.246","208.117.15.208","225.51.179.51"],"mac":["1E735DEC0BF7","2211FC01640D"],"name":"programs_provide_promote.ppt","domain":"us.com","type":"For"},"http":{"request":{"body":{"bytes":1996,"content":"levels"},"bytes":1940,"id":"government","method":"complex","mime_type":"BCIP","referrer":"marketplace"},"response":{"body":{"bytes":2433,"content":"about"},"bytes":3919,"mime_type":"defence","status_code":3635},"version":"4.5.0"},"organization":{"id":"52","name":"NBC"},"process":{"args":["state","promote"],"args_count":213,"command_line":"companies","end":"2023-02-08T13:31:31.588547Z","entity_id":"4Mz5cQuS12o6jFv74bANHV","env_vars":{"key_a":"us","key_b":"with","key_c":"an"},"executable":"this","exit_code":3203,"interactive":false,"name":"programs_art.pdf","parent":[{"args":["industry","bringing","experts"],"args_count":313,"command_line":"participating","end":"2023-02-06T06:14:13.588605Z","entity_id":"3ZP0fhL4SNhrjYXXIIN7kC","env_vars":{"key_a":"cyber"},"executable":"market","exit_code":586,"interactive":true,"name":"edge_complex.exe","pid":2499,"same_as_process":false,"start":"2023-02-13T14:57:16.588647Z","user":{"id":"with","name":"collaborating_laboratory.xls"}},{"args":["working"],"args_count":3195,"command_line":"visit","end":"2023-03-05T17:52:49.588669Z","entity_id":"7R7KPTP3ckwIhePs4McSf8","env_vars":{"key_a":"authority","key_b":"supports","key_c":"transition"},"executable":"invite","exit_code":3204,"interactive":false,"name":"laboratory.doc","pid":3429,"same_as_process":true,"start":"2023-02-26T03:08:16.588710Z","user":{"id":"supports","name":"provide.pdf"}},{"args":["Innovation","private","transition","companies"],"args_count":3468,"command_line":"work","end":"2023-02-05T06:27:43.588734Z","entity_id":"GMYVbDS1zHB69rUtxJZUh","env_vars":{"key_a":"product"},"executable":"industry","exit_code":2211,"interactive":true,"name":"government.ppt","pid":593,"same_as_process":false,"start":"2023-02-17T22:26:52.588771Z","user":{"id":"emerging","name":"innovations.lnk"}},{"args":["Centre","our","engaging","all"],"args_count":2321,"command_line":"development","end":"2023-03-07T10:14:41.588795Z","entity_id":"3ESPxFV4QlecCHFqPANNVn","env_vars":{"key_a":"our","key_b":"an","key_c":"emerging","key_d":"role"},"executable":"across","exit_code":1739,"interactive":false,"name":"us.pdf","pid":145,"same_as_process":true,"start":"2023-02-23T22:50:23.588837Z","user":{"id":"stays","name":"industry_the.exe"}}],"pid":2342,"same_as_process":true,"start":"2023-03-03T12:29:02.588852Z","title":"problems","uptime":3770,"user":{"id":"environment","name":"we.xls"},"working_directory":"state/all/goods/open/certain"},"registry":{"data":{"bytes":"country","strings":["authority"],"type":"problems"},"hive":"To","key":"performs","path":"emerging","value":"an"},"related":{"hash":["innovative","this","innovations","selling"],"hosts":["potential.biz","tools.com","potential.edu"],"ip":["92.228.15.59","104.20.92.197"],"user":["admin","admin"],"id":"companies","uri":["http://open.edu/survey/market/stays/performs","ftp://complex.edu/government/with/innovations/Canada/sizes/country","ftp://support.biz/selling/promote"],"signature":["support"]},"server":{"ip":"104.124.103.212","address":"commercial","domain":"innovative.biz"},"source":{"address":"participating","bytes":2576,"domain":"them.edu","geo":{"city_name":"industry_but.xls","continent_code":"experts","continent_name":"about.ppt","country_iso_code":"collaborating","country_name":"market.ppt","location":{"lon":3928.53,"lat":1355.36},"name":"edge_vendors.doc","postal_code":"potential","region_iso_code":"marketplace","region_name":"cyber_one_marketplace.ppt","timezone":"environment"},"ip":"183.2.203.150","mac":"aa:e3:63:8e:81:88","nat":{"ip":"200.50.247.227","port":1697},"packets":332,"port":1439},"threat":{"feed":{"dashboard_id":"708GG9Y2Yvjt77eCg5yTQi","description":"stays","name":"in_promote_market.lnk","reference":"determine"},"framework":"MITRE ATT&CK","group":{"alias":["visit","helps","innovations"],"id":"Centre","name":"private_cutting_authority.jpg","reference":"product"},"indicator":{"confidence":"potential","description":"Citizens of Canada.","email":{"address":"development"},"provider":"feedback","reference":"technical","scanner_stats":2651,"sightings":1550,"ip":"235.210.41.190","type":"Government","first_seen":"2023-03-01T02:17:56.589112Z","last_seen":"2023-02-26T10:24:53.589117Z"},"software":{"alias":["testing","is","laboratory"],"id":"new","name":"role_survey.pdf","platform":["selling","Government"],"reference":"performs","type":"the"},"tactic":{"id":"TA0002","name":"Execution","reference":"supports"},"technique":{"id":"T1566.001","name":"Spearphishing Attachment","reference":"companies"}},"tls":{"version":"4.3.7","version_protocol":"5.4.7","client":{"server_name":"edge_programs_collaborating.lnk","ja3":"Government"},"server":{"ja3s":"innovative"}},"url":{"domain":"order.biz","extension":"BCIP","fragment":"technical","full":"assist","original":"constantly","password":"market","path":"Build","port":3733,"query":"To","registered_domain":"country.ca","scheme":"companies","subdomain":"work.edu","top_level_domain":"academia.com","username":"admin"},"user":{"domain":"working.biz","email":"partners@partnerships.edu","full_name":"environment.doc","group":{"domain":"their.com","id":"innovations","name":"partners_vendors.xls"},"hash":"transition","id":"tools","name":"innovations","roles":["sizes","are","Program"]},"user_agent":{"device":{"name":"laboratory.lnk"},"name":"centre_transition.pdf","original":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_2) AppleWebKit/601.3.9 (KHTML, like Gecko) Version/9.0.2 Safari/601.3.9","os":{"family":"promote","full":"cyber","kernel":"environment","name":"cyber_technology_of.pdf","platform":"with","type":"certain","version":"7.0.9"},"version":"5.2.2"},"vulnerability":{"category":["commercial","survey","our","complex"],"classification":"technology","description":"us","enumeration":"Build","id":"in","reference":"about","report_id":"23io1jWsrmU9YHNXsDmN4S"}},"5P9DSrjV6QMk5DRGrkyX7o":{"timestamp":"2023-03-07T06:26:16.486067Z","labels":{"key_a":"technical","key_b":"provide","key_c":"working","key_d":"from"},"tags":["laboratory","technical","edge"],"howler":{"id":"5P9DSrjV6QMk5DRGrkyX7o","analytic":"COLISEUM","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Exfiltration","hash":"eee9dad3760acabfd21c38662e638d104b38d4ec17c81bd18d4678d24268b608","related":["provide","problems"],"reliability":1683.52,"severity":355.53,"volume":1012.32,"confidence":3983.5,"score":1589.89,"status":"open","scrutiny":"investigated","escalation":"alert","assessment":null,"comment":[{"id":"71Ak50CZtGwy02zblLpoLl","timestamp":"2023-02-25T23:54:33.486244Z","modified":"2023-02-03T18:22:06.486249Z","value":"Detention or imprisonment.","user":"admin"},{"modified":"2023-03-10T14:54:59.007644Z","id":"XOiUBKBn6zIOGjgXe2Ry9","value":"test","user":"shawnh","timestamp":"2023-03-10T14:54:59.007592Z"},{"modified":"2023-03-10T14:55:39.207058Z","id":"392rOVhP1lzphoTyBgjSNX","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:39.206995Z"},{"modified":"2023-03-10T15:11:44.836766Z","id":"7kaOGJxtXnF3JnFJU3u8XE","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:44.836728Z"},{"modified":"2023-03-10T15:12:30.612849Z","id":"YWycU4NPiIuLH7jXiqXhQ","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:30.612799Z"},{"modified":"2023-03-10T15:13:01.124390Z","id":"4Z81X7XvYmHX2NUkrYQzEs","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:01.124356Z"},{"modified":"2023-03-10T15:13:24.874668Z","id":"3vGFcV6Cs5pkpZWdW6zfAh","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:24.874634Z"},{"modified":"2023-03-10T15:14:20.274065Z","id":"5qQyGGvyL6T2SRtIKK9xq5","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:20.274027Z"},{"modified":"2023-03-10T15:14:46.938238Z","id":"3u4PG7czkcvZAaH2v3zmYb","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:46.938201Z"},{"modified":"2023-03-10T15:19:06.810065Z","id":"141MFt3VQTiJKLJ9gMMr9O","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:06.810017Z"},{"modified":"2023-03-10T15:19:59.362903Z","id":"3pKujgDkfnxjA5Smmw80ek","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:59.362804Z"},{"modified":"2023-03-10T15:21:37.750659Z","id":"2bfYCcel1pjrdIGqjyToIu","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:37.750517Z"},{"modified":"2023-03-10T15:23:12.192014Z","id":"5g1qVpAs0Tg5Xvx5gwmkUO","value":"test","user":"shawnh","timestamp":"2023-03-10T15:23:12.191929Z"},{"modified":"2023-03-10T15:26:26.257655Z","id":"2jCNE5Ce3VjJF6qcFvdAXg","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:26.257600Z"},{"modified":"2023-03-10T15:30:59.220893Z","id":"6Toxat5xD6akxf6wP5NZIg","value":"test","user":"shawnh","timestamp":"2023-03-10T15:30:59.220858Z"},{"modified":"2023-03-10T15:34:13.721680Z","id":"29sNigp2Ps7PBL3hf3NUOV","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:13.721620Z"},{"modified":"2023-03-10T15:40:24.639052Z","id":"7JivGS6yeauvCizLYB7b3H","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:24.639010Z"}],"log":[{"timestamp":"2023-02-24T23:38:30.486262Z","key":"visit","explanation":"Not to be compelled to be a witness in proceedings against that person in respect of the offence.","new_value":"support","type":"appended","previous_value":"defence","user":"user"},{"timestamp":"2023-03-07T04:58:59.486281Z","key":"learn","explanation":"Mobility of citizens.","new_value":"goods","type":"set","previous_value":"government","user":"admin"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"XOiUBKBn6zIOGjgXe2Ry9\\", \\"timestamp\\": \\"2023-03-10T14:54:59.007592Z\\", \\"modified\\": \\"2023-03-10T14:54:59.007644Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:54:59.098314Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"392rOVhP1lzphoTyBgjSNX\\", \\"timestamp\\": \\"2023-03-10T14:55:39.206995Z\\", \\"modified\\": \\"2023-03-10T14:55:39.207058Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:39.284815Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7kaOGJxtXnF3JnFJU3u8XE\\", \\"timestamp\\": \\"2023-03-10T15:11:44.836728Z\\", \\"modified\\": \\"2023-03-10T15:11:44.836766Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:44.909046Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"YWycU4NPiIuLH7jXiqXhQ\\", \\"timestamp\\": \\"2023-03-10T15:12:30.612799Z\\", \\"modified\\": \\"2023-03-10T15:12:30.612849Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:30.684382Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4Z81X7XvYmHX2NUkrYQzEs\\", \\"timestamp\\": \\"2023-03-10T15:13:01.124356Z\\", \\"modified\\": \\"2023-03-10T15:13:01.124390Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:01.193271Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3vGFcV6Cs5pkpZWdW6zfAh\\", \\"timestamp\\": \\"2023-03-10T15:13:24.874634Z\\", \\"modified\\": \\"2023-03-10T15:13:24.874668Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:24.947744Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5qQyGGvyL6T2SRtIKK9xq5\\", \\"timestamp\\": \\"2023-03-10T15:14:20.274027Z\\", \\"modified\\": \\"2023-03-10T15:14:20.274065Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:20.352131Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3u4PG7czkcvZAaH2v3zmYb\\", \\"timestamp\\": \\"2023-03-10T15:14:46.938201Z\\", \\"modified\\": \\"2023-03-10T15:14:46.938238Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:47.010586Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"141MFt3VQTiJKLJ9gMMr9O\\", \\"timestamp\\": \\"2023-03-10T15:19:06.810017Z\\", \\"modified\\": \\"2023-03-10T15:19:06.810065Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:06.900112Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3pKujgDkfnxjA5Smmw80ek\\", \\"timestamp\\": \\"2023-03-10T15:19:59.362804Z\\", \\"modified\\": \\"2023-03-10T15:19:59.362903Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:59.566572Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2bfYCcel1pjrdIGqjyToIu\\", \\"timestamp\\": \\"2023-03-10T15:21:37.750517Z\\", \\"modified\\": \\"2023-03-10T15:21:37.750659Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:37.858614Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5g1qVpAs0Tg5Xvx5gwmkUO\\", \\"timestamp\\": \\"2023-03-10T15:23:12.191929Z\\", \\"modified\\": \\"2023-03-10T15:23:12.192014Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:23:12.279503Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2jCNE5Ce3VjJF6qcFvdAXg\\", \\"timestamp\\": \\"2023-03-10T15:26:26.257600Z\\", \\"modified\\": \\"2023-03-10T15:26:26.257655Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:26.368712Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6Toxat5xD6akxf6wP5NZIg\\", \\"timestamp\\": \\"2023-03-10T15:30:59.220858Z\\", \\"modified\\": \\"2023-03-10T15:30:59.220893Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:30:59.307875Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"29sNigp2Ps7PBL3hf3NUOV\\", \\"timestamp\\": \\"2023-03-10T15:34:13.721620Z\\", \\"modified\\": \\"2023-03-10T15:34:13.721680Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:13.793072Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7JivGS6yeauvCizLYB7b3H\\", \\"timestamp\\": \\"2023-03-10T15:40:24.639010Z\\", \\"modified\\": \\"2023-03-10T15:40:24.639052Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:24.711615Z"}],"retained":"learn","monitored":"more","reported":"their","mitigated":"cutting","outline":{"threat":"59299d2e0a342410559d24649fe43b9b-thing.baduser.org","target":"collaborating.com","indicators":["us_cyber_visit.exe","government.gif","cyber_government_of.doc","for_of.exe","promote.pdf","order_certain_programs.lnk","security.doc","government.gif","bringing_problems_program.pdf","we_are.pdf","emerging_centre.jpg","for_are.lnk","other.gif","new.jpg"],"summary":"Equality before and under law and equal protection and benefit of law."},"labels":{"assignments":["CCID1A","APA1B"],"generic":["Outlook","Super Teams","Drive","Danger"]},"votes":{"benign":["art","feedback","emerging","goods"],"obscure":["promote"],"malicious":["transition","private","the","do"]},"dossier":{"key_a":"[\\"survey\\", \\"environment\\"]","key_b":"false","key_c":"[\\"innovative\\", \\"testing\\", \\"by\\", \\"the\\"]","key_d":"19"}},"assemblyline":{"antivirus":[{"type":"bringing","subtype":"problems","value":"on","verdict":"info"},{"type":"participating","subtype":"academia","value":"stays","verdict":"info"},{"type":"us","subtype":"edge","value":"transition","verdict":"suspicious"},{"type":"laboratory","subtype":"are","value":"this","verdict":"malicious"}],"attribution":[{"type":"participating","subtype":"commercial","value":"the","verdict":"safe"},{"type":"open","subtype":"transition","value":"other","verdict":"malicious"},{"type":"from","subtype":"determine","value":"by","verdict":"suspicious"}],"behaviour":[{"type":"invite","subtype":"technology","value":"collaborating","verdict":"suspicious"},{"type":"We","subtype":"promote","value":"do","verdict":"suspicious"}],"domain":[{"type":"environment","subtype":"us","value":"supports","verdict":"by"}],"heuristic":[{"type":"technology","subtype":"also","value":"security","verdict":"safe"},{"type":"commercial","subtype":"edge","value":"technology","verdict":"suspicious"}],"mitre":{"tactic":[{"type":"key","subtype":"to","value":"services","verdict":"info"}],"technique":[{"type":"is","subtype":"in","value":"also","verdict":"safe"},{"type":"in","subtype":"Cyber","value":"product","verdict":"suspicious"},{"type":"key","subtype":"BCIP","value":"provide","verdict":"malicious"},{"type":"companies","subtype":"authority","value":"about","verdict":"safe"}]},"uri":[{"type":"evaluate","subtype":"from","value":"survey","verdict":"learn"},{"type":"role","subtype":"technical","value":"innovation","verdict":"laboratory"},{"type":"Canada","subtype":"We","value":"examine","verdict":"cyber"}],"yara":[{"type":"goods","subtype":"enhanced","value":"transition","verdict":"suspicious"}]},"agent":{"id":"state","name":"vendors_visit_with.exe","type":"supports","version":"6.2.0"},"cbs":{"sharepoint":{"created":{"application":"selling","user":"user"},"modified":{"application":"marketplace","user":"user"}}},"cloud":{"account":{"id":"qA8TkQ8CHXVBoNfXz2flo","name":"laboratory_supports.xls"},"availability_zone":"collaborating","instance":{"id":"government","name":"are_transition_engaging.ppt"},"machine":{"type":"but"},"project":{"id":"industry","name":"environment.ppt"},"provider":"an","region":"their","service":{"name":"Amazon AWS"},"tenant_id":"dYK7OeqW9fCc3tUrn5zMC"},"container":{"id":"testing","image":{"hash":{"all":["cyber","technical"]},"name":"laboratory.doc","tag":["partners","survey"]},"labels":{"key_a":"vendors","key_b":"Government"},"name":"determine.pdf","runtime":"Government"},"destination":{"address":"also","bytes":1457,"domain":"sizes.edu","geo":{"city_name":"improve_this_levels.exe","continent_code":"Build","continent_name":"new.xls","country_iso_code":"in","country_name":"country_we_transition.doc","location":{"lon":1216.89,"lat":3128.81},"name":"determine_assist_services.pdf","postal_code":"in","region_iso_code":"do","region_name":"support.exe","timezone":"but"},"ip":"211.141.222.11","mac":"da:5e:ea:e0:74:d7","nat":{"ip":"187.207.156.235","port":2642},"packets":3915,"port":1091},"dns":{"answers":[{"class":"order","data":"Canada","name":"visit_edge_open.exe","ttl":2693,"type":"market"},{"class":"of","data":"One","name":"order.pdf","ttl":890,"type":"in"},{"class":"is","data":"BCIP","name":"environment_government_on.exe","ttl":1849,"type":"private"}],"header_flags":["state","improve","We","commercial"],"id":"stays","op_code":"problems","question":{"class":"is","name":"vendors.doc","registered_domain":"goods.ca","subdomain":"all.com","top_level_domain":"this.biz","type":"marketplace"},"resolved_ip":["50.216.46.111"],"response_code":"testing","type":"visit"},"ecs":{"version":"4.2.4"},"error":{"code":"product","message":"partners"},"event":{"action":"examine","category":["configuration","configuration","database","web"],"code":"of","created":"2023-03-09T23:27:07.486994Z","dataset":"One","duration":896,"end":"2023-02-19T01:45:44.487006Z","hash":"evaluate","id":"5P9DSrjV6QMk5DRGrkyX7o","ingested":"2023-03-03T12:20:50.487014Z","kind":"enrichment","module":"determine","original":"potential","outcome":"unknown","provider":"AssemblyLine","reason":"innovations","reference":"environment","risk_score":1805.72,"risk_score_norm":1804.32,"sequence":179,"severity":2636,"start":"2023-02-05T12:37:40.487042Z","timezone":"One","type":["group","error","info","protocol"],"url":"cutting"},"email":{"attachments":[{"file":{"extension":"in","hash":{"md5":"8729f154573ee98310b2e188e4c5a2fd","sha1":"7fe819be6712eadc41f1ce8dfe5ea346c55814a6","sha256":"e21c6515311e9e818a666c71281894c9485c7cf705e4f10b633c2f3d1c7952db","sha384":"0cee8da82d9d2ba38cc51be03115098618f222c412fb7894e15a323c254e5b0f86a4ff56073a3e119347b454bd54182e","sha512":"cb9f8b5d157d866be186f982af868f6b12c6a1666d4c90d659dea482a46db972ad2036feed1417d97a7d5bd444bc60b779ad4d83c80f17a8d159fffd193d7827","ssdeep":"64235:PprNkx7AmauSPXXyuw1EfbUobb3v36tzbqof2ryumPs9mfO6CnopNJXSRb1J8kJ2:eiJk9QDwco69mv5cXMPz96oYvTPmleV","tlsh":"participating"},"mime_type":"survey","name":"edge_bcip_levels.doc","size":3322}},{"file":{"extension":"an","hash":{"md5":"cd09324b805facd8d955bc88e103ee36","sha1":"0cbe91e0083199446882e3093052bad2ef4176e1","sha256":"c08ed08933a71a50eca9b9dd544ff1f29099015a67a850f0f4b1ad9e771a1816","sha384":"697a9ad143f01d266e9a931ae923c5f395f49c6274f292d164279c02f20291dd76c536823e69d52b52c6e3a441fc015c","sha512":"1a94d55fcb8351b057ba727f5e3990659a7d4b3d230a7647af50cf6a60916f3f68b85f25cc7b9864c5fd503538c00043e33f76ceaf202ac610cdef942357a85c","ssdeep":"74819:Gd1i9X6nZFaldSD6uDNtH4PoJdmzj7IZ5DylSqgUKooB5l5iGwBqYsnSN:67nMIhFPpr8bBlAjJEOtQt2br2p7qygKBs2mBj2PBHZ","tlsh":"technologies"},"mime_type":"engaging","name":"edge_new.xls","size":3941}},{"file":{"extension":"Canada","hash":{"md5":"540b600fc35840231d674ae7ff24f569","sha1":"fcdae3cca7c9fb8bfb8256e6e20f32a19e88d1a2","sha256":"ecf3ec400b433966125cb4465a0b4ae1729c989229b982d93e2483be7c57caa2","sha384":"5f4cce31b4e55fdc63b2357485159b3917fcb55d0ddb22dcf45a82a09fc29a5012eb7580a7d8ed1f9042be19b832bb79","sha512":"409657c4365b203aec7e178e743ba2b294b1d8b892be23777ffc2ae089ac8e17fe7f21bd4bea1fbba731bc11e33d3543e286b96e763e4118c3985b7ecac91abd","ssdeep":"8716:HMRjF48Y1tp9AnXBw1rLezkR5aDpEyvXmbIzcRbFtmII0FlGC:a5VmX1BuVSSjSECx2jXM9Fx99yy9NoLXBEmbCx8UN5RRI6l0rYedOtKK6nsXu","tlsh":"sizes"},"mime_type":"tools","name":"government_complex.ppt","size":1314}}],"bcc":{"address":"working@tools.ca"},"cc":{"address":"levels@engaging.edu"},"content_type":"the","delivery_timestamp":"2023-02-04T18:33:57.487582Z","direction":"To","from":{"address":"potential@learn.com"},"local_id":"hTxdywomaszuRkS44t6QN","message_id":"4gaPxlHyuhW1eCTvQsZBTw","origination_timestamp":"2023-02-25T07:02:15.487635Z","reply_to":{"address":"services@us.edu"},"sender":{"address":"engaging@market.com"},"subject":"edge","to":{"address":"this@canadian.ca"},"x_mailer":"enhanced","parent":{"bcc":{"address":"government@survey.ca"},"cc":{"address":"participating@website.ca"},"from":{"address":"with@learn.biz"},"message_id":"67ZvEXkHU79pUC09odL2dd","origination_timestamp":"2023-02-23T17:57:59.487687Z","subject":"levels","to":{"address":"for@one.ca"},"source":"164.45.245.171","destination":"219.186.70.42"}},"faas":{"coldstart":true,"execution":"role","id":"in","name":"experts_cutting.xls","trigger":{"request_id":"5FXKuRUUgX2LJBj1Or4aVk","type":"other"},"version":"5.5.6"},"file":{"accessed":"2023-03-03T06:34:21.487757Z","attributes":["from"],"created":"2023-03-02T17:42:49.487766Z","ctime":"2023-02-17T20:08:59.487770Z","device":"in","directory":"key/state/across","drive_letter":"Government","extension":"new","fork_name":"survey_with_for.pdf","gid":"their","group":"USERS","inode":"technical.edu","mime_type":"working","mode":"commercial","mtime":"2023-02-07T13:32:52.487807Z","name":"them_art.lnk","owner":"also","path":"stays","size":3761,"target_path":"learn","type":"file","uid":"about","code_signature":{"digest_algorithm":"sha1","exists":false,"signing_id":"7FofMwrODHZv2hxrKQVz3u","status":"this","subject_name":"market.xls","team_id":"6N6rX077RsBKtH2K8Icaks","timestamp":"2023-02-25T14:11:25.487881Z","trusted":true,"valid":false},"elf":{"architecture":"BCIP","byte_order":"their","cpu_type":"security","creation_date":"provide","exports":["marketplace","experts"],"header":{"abi_version":"8.5.0","class":"engaging","data":"Canada","entrypoint":1738,"object_version":"4.3.5","os_abi":"provide","type":"We","version":"4.4.5"},"imports":["constantly","market","to","collaborating"],"sections":[{"chi2":2745,"entropy":2538,"flags":"assist","name":"supports_marketplace_but.lnk","physical_offset":"feedback","physical_size":331,"type":"technology","virtual_address":767,"virtual_size":3275},{"chi2":3092,"entropy":1983,"flags":"potential","name":"bcip.doc","physical_offset":"about","physical_size":3385,"type":"market","virtual_address":2517,"virtual_size":942},{"chi2":4008,"entropy":1956,"flags":"new","name":"bringing_their.lnk","physical_offset":"feedback","physical_size":142,"type":"our","virtual_address":1423,"virtual_size":1353}],"segments":[{"chi2":3806,"entropy":2404,"flags":"work","name":"companies_new.jpg","physical_offset":"technical","physical_size":3408,"type":"vendors","virtual_address":3576,"virtual_size":3872},{"chi2":3281,"entropy":2296,"flags":"performs","name":"defence_state.ppt","physical_offset":"cutting","physical_size":3185,"type":"an","virtual_address":1429,"virtual_size":1010}],"shared_libraries":["technical","feedback"],"telfhash":"but"},"hash":{"md5":"69ea862c04ed0a1bb4a1e5df506794fc","sha1":"f14eeb33b00df46f3640e7ad46cd83a1a8a6a1a5","sha256":"2d6483a8a710d58881cea5a67882a1642d2351569ef71fc87702ef004ad4cbb5","sha384":"79543566fe382168329de0d0a9c764528f639c0f65b184662f86a7c4ec7a499758343ed7f4f507a30e0ad9011ccd63df","sha512":"c10d3dc2a4a1abd5dc55d4c40118cb68fbb92fbe69fc4c7c19cf4e612cc8dfa50388a6cd392536695e27eb7d2fd3d98261bb6d7bb6e8547596c4022b03a71000","ssdeep":"38026:3mZvuotL6HpyvPw28P5mQpyjRUYzQIIJErhpIJ:8GQphUTmSt469mz1mL3cwHxcerThIRz6VHcqRrHHVp7MvR","tlsh":"innovations"},"pe":{"architecture":"an","company":"To","description":"work","file_version":"program.jpg","imphash":"enhanced","original_file_name":"order_provide_examine.pdf","pehash":"examine","product":"the"}},"group":{"domain":"complex.edu","id":"us","name":"defence.xls"},"host":{"id":"is","ip":["14.178.72.190"],"mac":["E22B802769BC","1229CA8122E3","3C4C84B3EFD9"],"name":"laboratory_for_goods.doc","domain":"work.com","type":"in"},"http":{"request":{"body":{"bytes":3581,"content":"of"},"bytes":1348,"id":"selling","method":"transition","mime_type":"edge","referrer":"For"},"response":{"body":{"bytes":2577,"content":"authority"},"bytes":2131,"mime_type":"more","status_code":2684},"version":"7.0.5"},"organization":{"id":"145","name":"NAC"},"process":{"args":["role"],"args_count":3588,"command_line":"partners","end":"2023-02-23T01:17:02.488382Z","entity_id":"37uPzEIkRYCKUCye9oUcrG","env_vars":{"key_a":"services","key_b":"technical","key_c":"this"},"executable":"goods","exit_code":435,"interactive":false,"name":"evaluate_by_their.pdf","parent":[{"args":["from","an","visit","product"],"args_count":1189,"command_line":"companies","end":"2023-02-10T20:48:22.488453Z","entity_id":"2MbGcH7aKaCyZIcJhLKbvJ","env_vars":{"key_a":"but","key_b":"transition","key_c":"art","key_d":"The"},"executable":"supports","exit_code":1363,"interactive":true,"name":"laboratory_emerging.pdf","pid":538,"same_as_process":false,"start":"2023-02-07T08:53:42.488505Z","user":{"id":"technical","name":"technologies_testing.gif"}}],"pid":1758,"same_as_process":true,"start":"2023-02-08T10:34:59.488523Z","title":"technologies","uptime":1460,"user":{"id":"transition","name":"our_open_levels.jpg"},"working_directory":"supports/laboratory/goods/testing/this/centre"},"registry":{"data":{"bytes":"One","strings":["technologies","partnerships"],"type":"technologies"},"hive":"participating","key":"sizes","path":"this","value":"also"},"related":{"hash":["security","Build","certain","provide"],"hosts":["partnerships.com","working.biz","is.biz"],"ip":["178.17.87.96","117.128.122.122"],"user":["user","admin","user"],"id":"vendors","uri":["http://canadian.ca/technology/problems/technologies/laboratory/collaborating/market","https://assist.ca/constantly/innovation/of/but"],"signature":["country"]},"server":{"ip":"215.251.54.163","address":"but","domain":"vendors.edu"},"source":{"address":"Cyber","bytes":3779,"domain":"helps.ca","geo":{"city_name":"we_learn_about.exe","continent_code":"state","continent_name":"innovations_to_to.pdf","country_iso_code":"engaging","country_name":"collaborating_the.doc","location":{"lon":2902.62,"lat":2569.98},"name":"build.xls","postal_code":"innovative","region_iso_code":"government","region_name":"survey.exe","timezone":"emerging"},"ip":"168.86.169.222","mac":"73:11:24:52:a7:a7","nat":{"ip":"197.147.248.188","port":3008},"packets":2941,"port":2257},"threat":{"feed":{"dashboard_id":"48GTndGACiZXpxi9SKRKcu","description":"working","name":"programs_promote.lnk","reference":"from"},"framework":"Custom","group":{"alias":["working","with","by","learn"],"id":"collaborating","name":"provide_commercial_the.ppt","reference":"defence"},"indicator":{"confidence":"promote","description":"If found guilty of the offence and if the punishment for the offence has been varied between the time of commission and the time of sentencing, to the benefit of the lesser punishment.","email":{"address":"of"},"provider":"Cyber","reference":"more","scanner_stats":3886,"sightings":222,"ip":"163.210.80.218","type":"to","first_seen":"2023-02-27T11:44:36.488807Z","last_seen":"2023-03-02T23:46:05.488812Z"},"software":{"alias":["The"],"id":"website","name":"key_is_we.xls","platform":["promote","authority","Centre","helps"],"reference":"programs","type":"Build"},"tactic":{"id":"TA0010","name":"Exfiltration","reference":"all"},"technique":{"id":"T1498.001","name":"Direct Network Flood","reference":"of"}},"tls":{"version":"8.3.7","version_protocol":"7.1.2","client":{"server_name":"helps_them.doc","ja3":"environment"},"server":{"ja3s":"problems"}},"url":{"domain":"new.edu","extension":"complex","fragment":"development","full":"Canadian","original":"survey","password":"support","path":"goods","port":1151,"query":"complex","registered_domain":"this.com","scheme":"them","subdomain":"us.edu","top_level_domain":"support.edu","username":"admin"},"user":{"domain":"innovations.edu","email":"from@companies.com","full_name":"environment_technical.lnk","group":{"domain":"across.ca","id":"of","name":"learn_across_visit.pdf"},"hash":"private","id":"new","name":"Innovation","roles":["this","vendors"]},"user_agent":{"device":{"name":"companies_commercial.exe"},"name":"programs_government.xls","original":"Mozilla/5.0 (Linux; Android 10; SM-G980F Build/QP1A.190711.020; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/78.0.3904.96 Mobile Safari/537.36","os":{"family":"invite","full":"testing","kernel":"in","name":"determine_innovative.gif","platform":"technical","type":"vendors","version":"8.4.0"},"version":"8.0.5"},"vulnerability":{"category":["role"],"classification":"cutting","description":"us","enumeration":"assist","id":"art","reference":"also","report_id":"5wmlFw5mprosAeRId1BFjd"}},"5twfRUyzamlfgj9inINcQo":{"timestamp":"2023-02-24T19:42:52.930531Z","labels":{"key_a":"levels","key_b":"industry","key_c":"partners","key_d":"do"},"tags":["edge"],"howler":{"id":"5twfRUyzamlfgj9inINcQo","analytic":"COLISEUM","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Reconnaissance","hash":"1ea86fb387f99a5f4852b8e49ea704160f140e7f691e259990f553a7fdf20e8b","related":["market","BCIP","this"],"reliability":2757.37,"severity":1654.94,"volume":3647.65,"confidence":1866.37,"score":250.2,"status":"open","scrutiny":"surveyed","escalation":"hit","assessment":null,"comment":[{"id":"2U4ORgW8lYy2UUm7ZbfNKA","timestamp":"2023-02-14T10:09:34.930706Z","modified":"2023-02-04T23:41:47.930711Z","value":"Any rights or freedoms that have been recognized by the Royal Proclamation of October 7, 1763.","user":"user"},{"modified":"2023-03-10T14:54:59.360471Z","id":"5RaGkxeVtLF5uZhq3FZBPH","value":"test","user":"shawnh","timestamp":"2023-03-10T14:54:59.360423Z"},{"modified":"2023-03-10T14:55:39.530566Z","id":"1VzvJqVzaRyTFTzzjV2HDW","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:39.530519Z"},{"modified":"2023-03-10T15:11:45.164590Z","id":"3BWGjOV2HsBw9PhgGjWZEd","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:45.164550Z"},{"modified":"2023-03-10T15:12:30.912358Z","id":"4tUpnVTPuBOMT1MGkLEHke","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:30.912322Z"},{"modified":"2023-03-10T15:13:01.428477Z","id":"7Ty566iTVOktesM1tStBD4","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:01.428438Z"},{"modified":"2023-03-10T15:13:25.190395Z","id":"2Nxalgk8dqc7VqoWMbTijA","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:25.190331Z"},{"modified":"2023-03-10T15:14:20.579509Z","id":"2tiQB9MxgPFiIJ9mKhgBQ2","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:20.579471Z"},{"modified":"2023-03-10T15:14:47.228106Z","id":"74hhChAFVSNw0Vvq91q6H0","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:47.228074Z"},{"modified":"2023-03-10T15:19:07.175225Z","id":"5wuFowPSOawQcyTGCZmSE8","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:07.175152Z"},{"modified":"2023-03-10T15:19:59.860668Z","id":"5iLl2brerFznrJkAyhe58v","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:59.860607Z"},{"modified":"2023-03-10T15:21:38.137515Z","id":"aGXTh1Qm26fIOoFeexHPF","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:38.137409Z"},{"modified":"2023-03-10T15:23:12.551246Z","id":"50tWloPL0poAbnsP93f77h","value":"test","user":"shawnh","timestamp":"2023-03-10T15:23:12.551196Z"},{"modified":"2023-03-10T15:26:26.649408Z","id":"2SZw2IkpnAIdfBpJ3Th7pF","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:26.649354Z"},{"modified":"2023-03-10T15:30:59.551546Z","id":"3Yz0HSz037GM22xck11JlD","value":"test","user":"shawnh","timestamp":"2023-03-10T15:30:59.551505Z"},{"modified":"2023-03-10T15:34:14.018125Z","id":"mNAZMYuePaGVC3few4TRg","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:14.018091Z"},{"modified":"2023-03-10T15:40:24.946569Z","id":"3upJgpYT2HAHBLFEKaIqqt","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:24.946537Z"}],"log":[{"timestamp":"2023-02-05T22:03:09.930724Z","key":"To","explanation":"To the legislature and government of each province in respect of all matters within the authority of the legislature of each province.","new_value":"participating","type":"appended","previous_value":"helps","user":"user"},{"timestamp":"2023-02-25T21:13:28.930744Z","key":"learn","explanation":"Notwithstanding subsection (1), section 15 shall not have effect until three years after this section comes into force.","new_value":"survey","type":"set","previous_value":"work","user":"user"},{"timestamp":"2023-02-04T06:34:20.930762Z","key":"key","explanation":"Exclusion of evidence bringing administration of justice into disrepute.","new_value":"Government","type":"appended","previous_value":"engaging","user":"admin"},{"timestamp":"2023-02-15T17:42:14.930778Z","key":"of","explanation":"Mobility of citizens.","new_value":"determine","type":"removed","previous_value":"emerging","user":"admin"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5RaGkxeVtLF5uZhq3FZBPH\\", \\"timestamp\\": \\"2023-03-10T14:54:59.360423Z\\", \\"modified\\": \\"2023-03-10T14:54:59.360471Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:54:59.492381Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1VzvJqVzaRyTFTzzjV2HDW\\", \\"timestamp\\": \\"2023-03-10T14:55:39.530519Z\\", \\"modified\\": \\"2023-03-10T14:55:39.530566Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:39.606906Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3BWGjOV2HsBw9PhgGjWZEd\\", \\"timestamp\\": \\"2023-03-10T15:11:45.164550Z\\", \\"modified\\": \\"2023-03-10T15:11:45.164590Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:45.244172Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4tUpnVTPuBOMT1MGkLEHke\\", \\"timestamp\\": \\"2023-03-10T15:12:30.912322Z\\", \\"modified\\": \\"2023-03-10T15:12:30.912358Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:30.983441Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7Ty566iTVOktesM1tStBD4\\", \\"timestamp\\": \\"2023-03-10T15:13:01.428438Z\\", \\"modified\\": \\"2023-03-10T15:13:01.428477Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:01.503119Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2Nxalgk8dqc7VqoWMbTijA\\", \\"timestamp\\": \\"2023-03-10T15:13:25.190331Z\\", \\"modified\\": \\"2023-03-10T15:13:25.190395Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:25.272622Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2tiQB9MxgPFiIJ9mKhgBQ2\\", \\"timestamp\\": \\"2023-03-10T15:14:20.579471Z\\", \\"modified\\": \\"2023-03-10T15:14:20.579509Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:20.653259Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"74hhChAFVSNw0Vvq91q6H0\\", \\"timestamp\\": \\"2023-03-10T15:14:47.228074Z\\", \\"modified\\": \\"2023-03-10T15:14:47.228106Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:47.298461Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5wuFowPSOawQcyTGCZmSE8\\", \\"timestamp\\": \\"2023-03-10T15:19:07.175152Z\\", \\"modified\\": \\"2023-03-10T15:19:07.175225Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:07.284455Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5iLl2brerFznrJkAyhe58v\\", \\"timestamp\\": \\"2023-03-10T15:19:59.860607Z\\", \\"modified\\": \\"2023-03-10T15:19:59.860668Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:59.994526Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"aGXTh1Qm26fIOoFeexHPF\\", \\"timestamp\\": \\"2023-03-10T15:21:38.137409Z\\", \\"modified\\": \\"2023-03-10T15:21:38.137515Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:38.222483Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"50tWloPL0poAbnsP93f77h\\", \\"timestamp\\": \\"2023-03-10T15:23:12.551196Z\\", \\"modified\\": \\"2023-03-10T15:23:12.551246Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:23:12.641940Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2SZw2IkpnAIdfBpJ3Th7pF\\", \\"timestamp\\": \\"2023-03-10T15:26:26.649354Z\\", \\"modified\\": \\"2023-03-10T15:26:26.649408Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:26.747198Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3Yz0HSz037GM22xck11JlD\\", \\"timestamp\\": \\"2023-03-10T15:30:59.551505Z\\", \\"modified\\": \\"2023-03-10T15:30:59.551546Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:30:59.633357Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"mNAZMYuePaGVC3few4TRg\\", \\"timestamp\\": \\"2023-03-10T15:34:14.018091Z\\", \\"modified\\": \\"2023-03-10T15:34:14.018125Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:14.089684Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3upJgpYT2HAHBLFEKaIqqt\\", \\"timestamp\\": \\"2023-03-10T15:40:24.946537Z\\", \\"modified\\": \\"2023-03-10T15:40:24.946569Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:25.014718Z"}],"retained":"goods","monitored":"certain","reported":"state","mitigated":"levels","outline":{"threat":"231.28.216.14","target":"program.biz","indicators":["by_technologies_sizes.xls","evaluate_technical_state.lnk","feedback_their_to.xls","one.jpg","one_but.doc","enhanced_defence.lnk","role.gif","assist_determine.gif","cutting_to.gif","innovation_build.doc","engaging_bcip.exe","levels_for_survey.ppt","participating_partnerships_development.doc","support.pdf","environment.pdf","key_government_the.ppt","companies_problems.gif","role.doc","bcip_canadian.doc","programs_of_innovation.gif"],"summary":"Nothing in this Charter extends the legislative powers of any body or authority."},"labels":{"assignments":["CCID1A","ADS2A"],"generic":["Drive"]},"votes":{"benign":["selling"],"obscure":["product","goods","our","across"],"malicious":["of","technologies"]},"dossier":{"key_a":"improve","key_b":"true"}},"assemblyline":{"antivirus":[{"type":"Canadian","subtype":"To","value":"helps","verdict":"suspicious"},{"type":"emerging","subtype":"technologies","value":"To","verdict":"suspicious"},{"type":"For","subtype":"To","value":"participating","verdict":"safe"},{"type":"visit","subtype":"private","value":"about","verdict":"safe"}],"attribution":[{"type":"examine","subtype":"evaluate","value":"are","verdict":"malicious"},{"type":"stays","subtype":"innovations","value":"We","verdict":"info"},{"type":"tools","subtype":"the","value":"Build","verdict":"info"},{"type":"state","subtype":"cyber","value":"Build","verdict":"suspicious"}],"behaviour":[{"type":"programs","subtype":"services","value":"Centre","verdict":"malicious"},{"type":"For","subtype":"invite","value":"sizes","verdict":"suspicious"},{"type":"support","subtype":"our","value":"BCIP","verdict":"suspicious"}],"domain":[{"type":"Program","subtype":"but","value":"One","verdict":"from"}],"heuristic":[{"type":"work","subtype":"services","value":"We","verdict":"safe"},{"type":"us","subtype":"more","value":"sizes","verdict":"suspicious"},{"type":"companies","subtype":"One","value":"all","verdict":"suspicious"},{"type":"development","subtype":"provide","value":"market","verdict":"safe"}],"mitre":{"tactic":[{"type":"from","subtype":"feedback","value":"support","verdict":"malicious"},{"type":"but","subtype":"services","value":"participating","verdict":"safe"},{"type":"on","subtype":"One","value":"their","verdict":"info"},{"type":"marketplace","subtype":"feedback","value":"Canada","verdict":"malicious"}],"technique":[{"type":"To","subtype":"more","value":"enhanced","verdict":"suspicious"},{"type":"development","subtype":"work","value":"invite","verdict":"malicious"}]},"uri":[{"type":"website","subtype":"country","value":"innovation","verdict":"are"},{"type":"goods","subtype":"For","value":"testing","verdict":"product"},{"type":"are","subtype":"performs","value":"with","verdict":"other"},{"type":"goods","subtype":"of","value":"performs","verdict":"helps"}],"yara":[{"type":"experts","subtype":"goods","value":"open","verdict":"safe"}]},"agent":{"id":"engaging","name":"key_learn.lnk","type":"partners","version":"5.5.7"},"cbs":{"sharepoint":{"created":{"application":"development","user":"user"},"modified":{"application":"new","user":"admin"}}},"cloud":{"account":{"id":"5gmUVJ2D6XSVEixWE5ASfB","name":"collaborating_technologies_companies.doc"},"availability_zone":"them","instance":{"id":"to","name":"more.ppt"},"machine":{"type":"partnerships"},"project":{"id":"cutting","name":"invite_development_promote.jpg"},"provider":"Government","region":"improve","service":{"name":"Microsoft Teams"},"tenant_id":"2ysGu2X0hznFB1XOcV42K"},"container":{"id":"Government","image":{"hash":{"all":["potential","Program","invite","companies"]},"name":"testing_programs.exe","tag":["our","stays"]},"labels":{"key_a":"cyber"},"name":"website_canadian.exe","runtime":"Canadian"},"destination":{"address":"The","bytes":1149,"domain":"experts.com","geo":{"city_name":"feedback_by_evaluate.ppt","continent_code":"partners","continent_name":"canada_innovation_commercial.doc","country_iso_code":"authority","country_name":"open_on_government.ppt","location":{"lon":1641.93,"lat":431.58},"name":"evaluate.gif","postal_code":"Innovation","region_iso_code":"examine","region_name":"government_experts.gif","timezone":"innovations"},"ip":"11.116.23.214","mac":"ae:d3:cf:f6:85:61","nat":{"ip":"98.57.54.234","port":1331},"packets":738,"port":3136},"dns":{"answers":[{"class":"Program","data":"One","name":"security_innovation_partnerships.jpg","ttl":747,"type":"participating"},{"class":"For","data":"determine","name":"edge.exe","ttl":1851,"type":"constantly"},{"class":"Cyber","data":"role","name":"assist_technology.xls","ttl":2399,"type":"enhanced"},{"class":"partnerships","data":"this","name":"testing_the_canada.pdf","ttl":1926,"type":"Government"}],"header_flags":["new","the"],"id":"improve","op_code":"of","question":{"class":"determine","name":"working.gif","registered_domain":"key.edu","subdomain":"partnerships.ca","top_level_domain":"problems.edu","type":"companies"},"resolved_ip":["192.29.141.215","169.225.19.254","179.59.250.214"],"response_code":"environment","type":"across"},"ecs":{"version":"7.0.8"},"error":{"code":"country","message":"levels"},"event":{"action":"development","category":["web","process"],"code":"problems","created":"2023-03-09T12:44:32.931534Z","dataset":"technical","duration":2930,"end":"2023-02-25T04:29:49.931544Z","hash":"learn","id":"5twfRUyzamlfgj9inINcQo","ingested":"2023-02-09T20:14:56.931551Z","kind":"metric","module":"problems","original":"role","outcome":"failure","provider":"NBS","reason":"Cyber","reference":"across","risk_score":1728.46,"risk_score_norm":527.96,"sequence":3631,"severity":2756,"start":"2023-02-23T01:20:04.931580Z","timezone":"improve","type":["start","denied"],"url":"technologies"},"email":{"attachments":[{"file":{"extension":"learn","hash":{"md5":"e545c913e48a571536b290dd319f8c9f","sha1":"2d21ef274003071300d3011b2a64d54f93ed01e8","sha256":"88b597bd6b2de48b7325b6d5beedbe8c76d012fe54cbc98f64f24d9b7c462f59","sha384":"225748833b2aa63696b65656bf24aad1716a35182faf97da07c72662bc4f68eda953e705032b04a75c04b6aecb796eb8","sha512":"a2727e1098c890160cfd30dcf5ef6a229ee060b7170cbf70cbaca9f49bdc93c4f5992801b5cf7541a5913830f3d1d74ab5f1158da33e3df65d516a338126d484","ssdeep":"77208:NcAnZKa6cuF1pIzY3IJzT6eqRm2d5:TcNacjRcyUniAc2QovgTackUegOhYch1G1kPQbCa3se","tlsh":"examine"},"mime_type":"problems","name":"for_partnerships.pdf","size":636}},{"file":{"extension":"working","hash":{"md5":"90572db64b2ffb364a9a4357b8bd4242","sha1":"d32ffdb783c1345d85dc283aa9e2f8e823ae7a1e","sha256":"eaf630012f096ff185c0494872db8a6c8ab25b7a9fb45ae270c4094cb266b894","sha384":"69149582bf1d30e206e0cefd9be6fefc1df02afbc0dd488b43d585ca60a280f71284b5a77da9dc3a60b3adf9d3751dc3","sha512":"cb2155333dad2d29e13b319318c58d9f5c9c73402f2fc05dfa76041075213ce1d67f3a4d532870322e5704cf79289266b3dad737379ae97069e5061d2b1d7d56","ssdeep":"3090:kCZTjhvqROjL1gHU4jxHINMct0I9pPHZv321R1IIvVFbHzqadoZTPs0pFKE28:yBFlvSlsYP3C2uHCLCqC93p2Gka45KJcXl5n2","tlsh":"also"},"mime_type":"country","name":"government.ppt","size":349}}],"bcc":{"address":"canada@work.ca"},"cc":{"address":"but@for.edu"},"content_type":"industry","delivery_timestamp":"2023-03-06T01:45:40.931962Z","direction":"support","from":{"address":"performs@examine.biz"},"local_id":"4aqz6Fv11qby14a6EpbZlO","message_id":"2QNoLCrXZ7Op5Un27JeWSq","origination_timestamp":"2023-02-08T21:00:05.932013Z","reply_to":{"address":"us@engaging.ca"},"sender":{"address":"emerging@us.ca"},"subject":"security","to":{"address":"do@cyber.biz"},"x_mailer":"experts","parent":{"bcc":{"address":"all@levels.ca"},"cc":{"address":"us@sizes.com"},"from":{"address":"commercial@provide.com"},"message_id":"3S7u7dDHtoEXIPuruWmLj1","origination_timestamp":"2023-03-09T05:49:28.932066Z","subject":"Cyber","to":{"address":"is@the.com"},"source":"41.200.227.122","destination":"165.46.170.75"}},"faas":{"coldstart":true,"execution":"across","id":"working","name":"experts_our.lnk","trigger":{"request_id":"5M06mIef2couufvowGIFxs","type":"timer"},"version":"5.5.7"},"file":{"accessed":"2023-02-14T09:14:19.932134Z","attributes":["all","is","our"],"created":"2023-02-04T17:45:52.932149Z","ctime":"2023-03-09T10:21:10.932153Z","device":"technology","directory":"the/environment/work/partnerships/government/do","drive_letter":"is","extension":"One","fork_name":"canada_partners_centre.gif","gid":"innovative","group":"ANALYSTS","inode":"cutting.ca","mime_type":"our","mode":"Canada","mtime":"2023-03-04T10:24:25.932192Z","name":"to_partnerships_build.doc","owner":"potential","path":"improve","size":1121,"target_path":"For","type":"file","uid":"technology","code_signature":{"digest_algorithm":"sha1","exists":false,"signing_id":"45D5pyenbw39hYnsbV2XtP","status":"learn","subject_name":"new.pdf","team_id":"408b5dmBzt0H7gKoVZe7f8","timestamp":"2023-02-05T10:51:29.932268Z","trusted":false,"valid":false},"elf":{"architecture":"To","byte_order":"order","cpu_type":"support","creation_date":"companies","exports":["marketplace","feedback","open","partners"],"header":{"abi_version":"7.4.1","class":"emerging","data":"environment","entrypoint":3707,"object_version":"7.4.5","os_abi":"of","type":"edge","version":"5.0.7"},"imports":["Innovation"],"sections":[{"chi2":1369,"entropy":3491,"flags":"key","name":"in_bringing.doc","physical_offset":"Program","physical_size":288,"type":"assist","virtual_address":417,"virtual_size":3625},{"chi2":3125,"entropy":456,"flags":"experts","name":"constantly.exe","physical_offset":"testing","physical_size":838,"type":"innovation","virtual_address":141,"virtual_size":1932},{"chi2":1700,"entropy":192,"flags":"Government","name":"authority_innovations_companies.xls","physical_offset":"visit","physical_size":362,"type":"innovation","virtual_address":3094,"virtual_size":2434},{"chi2":598,"entropy":3034,"flags":"authority","name":"examine_website.pdf","physical_offset":"technology","physical_size":3074,"type":"by","virtual_address":3014,"virtual_size":3707}],"segments":[{"chi2":1473,"entropy":2640,"flags":"innovations","name":"bcip.xls","physical_offset":"programs","physical_size":1064,"type":"role","virtual_address":3805,"virtual_size":3718},{"chi2":1875,"entropy":1530,"flags":"to","name":"on_is_bringing.gif","physical_offset":"their","physical_size":2042,"type":"stays","virtual_address":3892,"virtual_size":3729}],"shared_libraries":["BCIP","edge"],"telfhash":"support"},"hash":{"md5":"31cb0f822e7123b7afae9913842b12b9","sha1":"8cafa909e05900ace4c351a423c68e589c59d34c","sha256":"2dbee7467fdabdbc53fd43e1cfc6d63bb088f6a3b4f4805d489395c4b922d082","sha384":"bb07d381602791313df550754b5d1741051f4e77ce0e584b35006b6fec67c54b722ab31987eee5ea57aebfa8d14d019c","sha512":"5cfea9e702f1f7906daa070cf4960a173047266c345256b31b88ca0660bda4c3af6be41c7814cd6a1b3ff0616d2ef05db84065a1cb04402cebe8dd2ab6edb774","ssdeep":"18713:5lvFu0fcQOzIaI1jdDkUL2xyB4xQBRCyj8z654LwHyK8v7J486FlC5:6D1SUOFMlC8LtEFgrNd0yyd3bs5gUn6fO6HIgKGb69BYRk9gHdb4qiU3msKZ","tlsh":"companies"},"pe":{"architecture":"visit","company":"to","description":"problems","file_version":"technologies_examine.jpg","imphash":"Program","original_file_name":"us.lnk","pehash":"defence","product":"order"}},"group":{"domain":"helps.ca","id":"do","name":"innovation_evaluate.exe"},"host":{"id":"Build","ip":["21.78.33.41","127.76.211.10"],"mac":["E811A38864F6","18E3565C5B52"],"name":"technical.doc","domain":"more.com","type":"also"},"http":{"request":{"body":{"bytes":1084,"content":"partners"},"bytes":3661,"id":"art","method":"supports","mime_type":"emerging","referrer":"goods"},"response":{"body":{"bytes":683,"content":"Cyber"},"bytes":2043,"mime_type":"cutting","status_code":1426},"version":"6.3.1"},"organization":{"id":"168","name":"RCN"},"process":{"args":["their","Program"],"args_count":4065,"command_line":"by","end":"2023-03-08T16:25:26.932770Z","entity_id":"LmbDUUjMrMCQGyfUbGM50","env_vars":{"key_a":"in","key_b":"them","key_c":"companies","key_d":"their"},"executable":"certain","exit_code":1781,"interactive":false,"name":"survey_is.lnk","parent":[{"args":["other","To","invite"],"args_count":3815,"command_line":"learn","end":"2023-02-04T02:45:05.932835Z","entity_id":"4AbXAYzI5cUyvcidurix9a","env_vars":{"key_a":"defence","key_b":"new"},"executable":"BCIP","exit_code":1653,"interactive":false,"name":"product.jpg","pid":1797,"same_as_process":false,"start":"2023-02-10T23:29:03.932905Z","user":{"id":"improve","name":"art_feedback.xls"}}],"pid":2021,"same_as_process":false,"start":"2023-02-05T00:44:32.932928Z","title":"website","uptime":2495,"user":{"id":"country","name":"tools.xls"},"working_directory":"vendors/partners/examine/programs"},"registry":{"data":{"bytes":"role","strings":["is","visit"],"type":"examine"},"hive":"their","key":"technologies","path":"their","value":"to"},"related":{"hash":["the","about","website"],"hosts":["but.com"],"ip":["101.119.58.243","139.243.149.187","93.247.224.142"],"user":["user","admin","user","admin"],"id":"do","uri":["ftp://all.biz/tools/from/learn/helps","ftp://invite.com/state/partnerships/assist/participating/Government","https://engaging.com/open/laboratory","ftp://edge.com/academia/tools/evaluate/determine"],"signature":["them"]},"server":{"ip":"35.107.246.20","address":"do","domain":"of.ca"},"source":{"address":"programs","bytes":1133,"domain":"invite.ca","geo":{"city_name":"programs.lnk","continent_code":"innovative","continent_name":"testing_potential_working.pdf","country_iso_code":"but","country_name":"goods_product_evaluate.xls","location":{"lon":1695.64,"lat":3997.04},"name":"work.jpg","postal_code":"edge","region_iso_code":"technologies","region_name":"engaging_them.jpg","timezone":"selling"},"ip":"114.158.190.169","mac":"ec:a1:27:60:52:72","nat":{"ip":"179.211.218.65","port":3821},"packets":1173,"port":290},"threat":{"feed":{"dashboard_id":"1qTPoRBn2GrDMqL9zEU87h","description":"Canada","name":"with_development_partnerships.lnk","reference":"in"},"framework":"Custom","group":{"alias":["an","partners"],"id":"working","name":"partners_complex_of.jpg","reference":"on"},"indicator":{"confidence":"Canadian","description":"Not to be compelled to be a witness in proceedings against that person in respect of the offence.","email":{"address":"survey"},"provider":"in","reference":"feedback","scanner_stats":530,"sightings":2139,"ip":"211.138.61.92","type":"technology","first_seen":"2023-03-03T08:23:15.933238Z","last_seen":"2023-02-22T14:11:18.933245Z"},"software":{"alias":["Build","experts"],"id":"One","name":"supports_private.xls","platform":["participating"],"reference":"new","type":"order"},"tactic":{"id":"TA0043","name":"Reconnaissance","reference":"potential"},"technique":{"id":"T1566.002","name":"Spearphishing Link","reference":"are"}},"tls":{"version":"7.0.8","version_protocol":"4.4.4","client":{"server_name":"transition_cutting_product.lnk","ja3":"examine"},"server":{"ja3s":"provide"}},"url":{"domain":"with.com","extension":"to","fragment":"One","full":"Build","original":"feedback","password":"engaging","path":"participating","port":3488,"query":"product","registered_domain":"open.ca","scheme":"market","subdomain":"their.com","top_level_domain":"tools.edu","username":"admin"},"user":{"domain":"helps.ca","email":"innovation@companies.ca","full_name":"certain_to_our.exe","group":{"domain":"cyber.edu","id":"testing","name":"product_environment_potential.pdf"},"hash":"are","id":"programs","name":"partnerships","roles":["BCIP","innovations","constantly"]},"user_agent":{"device":{"name":"cutting_performs_testing.gif"},"name":"examine_supports.doc","original":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0","os":{"family":"role","full":"working","kernel":"determine","name":"our_tools.doc","platform":"defence","type":"our","version":"8.3.1"},"version":"7.1.4"},"vulnerability":{"category":["Canadian","survey","Innovation"],"classification":"innovations","description":"other","enumeration":"To","id":"emerging","reference":"academia","report_id":"65K34TdDt3gelWV1Ya8SBf"}},"6HpY8G3QQmuqWARqI0iw1m":{"timestamp":"2023-02-25T14:41:44.950260Z","labels":{"key_a":"To"},"tags":["partners","performs","are"],"howler":{"id":"6HpY8G3QQmuqWARqI0iw1m","analytic":"cmt.aws.sigma.rules","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Command and Control","hash":"f111c7ca9fd031ccab19d1381510779308cf8d96b1647c8a216a8a01f6d57732","related":["Canadian"],"reliability":179.85,"severity":1506.98,"volume":2411.58,"confidence":218.01,"score":3064.6,"status":"open","scrutiny":"inspected","escalation":"alert","assessment":null,"comment":[{"id":"1iU90QtYg0ECImVXWFwcbl","timestamp":"2023-03-02T04:52:08.950433Z","modified":"2023-02-12T08:54:53.950438Z","value":"Everyone has the right on arrest or detention.","user":"user"},{"id":"37AbLepEsJrPO0dVBUZ3Ke","timestamp":"2023-02-12T20:09:40.950467Z","modified":"2023-02-12T19:41:37.950471Z","value":"English and French linguistic communities in New Brunswick.","user":"shawnh"},{"id":"3B3cznjwpK1IZs97xbeaCF","timestamp":"2023-03-01T18:46:24.950496Z","modified":"2023-03-03T16:28:39.950500Z","value":"Any person charged with an offence has the right.","user":"user"},{"modified":"2023-03-10T14:54:59.907723Z","id":"4YyGvCca6njF063PyWUHOx","value":"test","user":"shawnh","timestamp":"2023-03-10T14:54:59.907650Z"},{"modified":"2023-03-10T14:55:39.854478Z","id":"4i12AY2H1LwkT775qGiDd4","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:39.854428Z"},{"modified":"2023-03-10T15:11:45.478685Z","id":"4I4MetMl2r236kumBEgbtN","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:45.478640Z"},{"modified":"2023-03-10T15:12:31.245179Z","id":"48nkAMzhbMOwSZqFxiyGgN","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:31.245130Z"},{"modified":"2023-03-10T15:13:01.735687Z","id":"6n6N2stuvKuxbGiHsBFMco","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:01.735650Z"},{"modified":"2023-03-10T15:13:25.509492Z","id":"pf6c9XhZNK859OiFA2Gjh","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:25.509448Z"},{"modified":"2023-03-10T15:14:20.891239Z","id":"2Si4Ac9DW26w08lqZPW5H6","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:20.891198Z"},{"modified":"2023-03-10T15:14:47.543257Z","id":"3A5Bqc2fkKzAmLKJgey73f","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:47.543173Z"},{"modified":"2023-03-10T15:19:07.540732Z","id":"6K6MJYL6k7Ce83ZaB18Zlo","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:07.540690Z"},{"modified":"2023-03-10T15:20:00.281750Z","id":"1aFqKh54V5pdwEaVSyfRRw","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:00.281670Z"},{"modified":"2023-03-10T15:21:38.477327Z","id":"my0WoRSxLDWhMCytRciyw","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:38.477272Z"},{"modified":"2023-03-10T15:23:12.917211Z","id":"2M8BxfsYMohqoduxTEfbaC","value":"test","user":"shawnh","timestamp":"2023-03-10T15:23:12.917150Z"},{"modified":"2023-03-10T15:26:27.022015Z","id":"Tq1TCEYVnFa6CIHoI9c5N","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:27.021892Z"},{"modified":"2023-03-10T15:30:59.847828Z","id":"4Auw9rjACU1z7pkfugAZ1l","value":"test","user":"shawnh","timestamp":"2023-03-10T15:30:59.847794Z"},{"modified":"2023-03-10T15:34:14.336218Z","id":"3nkJ96ILIshe3HI88pcUFT","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:14.336144Z"},{"modified":"2023-03-10T15:40:25.230016Z","id":"4KWpgNOILXuduTiB6nHNqU","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:25.229981Z"}],"log":[{"timestamp":"2023-03-09T04:03:10.950510Z","key":"feedback","explanation":"Arrest or detention.","new_value":"on","type":"appended","previous_value":"services","user":"user"},{"timestamp":"2023-02-12T20:47:02.950529Z","key":"more","explanation":"Mobility Rights.","new_value":"innovation","type":"appended","previous_value":"also","user":"admin"},{"timestamp":"2023-03-04T08:23:58.950546Z","key":"performs","explanation":"English and French linguistic communities in New Brunswick.","new_value":"evaluate","type":"set","previous_value":"testing","user":"admin"},{"timestamp":"2023-02-11T17:32:12.950563Z","key":"Innovation","explanation":"Not to be denied reasonable bail without just cause.","new_value":"invite","type":"appended","previous_value":"in","user":"admin"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4YyGvCca6njF063PyWUHOx\\", \\"timestamp\\": \\"2023-03-10T14:54:59.907650Z\\", \\"modified\\": \\"2023-03-10T14:54:59.907723Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:00.015183Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4i12AY2H1LwkT775qGiDd4\\", \\"timestamp\\": \\"2023-03-10T14:55:39.854428Z\\", \\"modified\\": \\"2023-03-10T14:55:39.854478Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:39.948036Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4I4MetMl2r236kumBEgbtN\\", \\"timestamp\\": \\"2023-03-10T15:11:45.478640Z\\", \\"modified\\": \\"2023-03-10T15:11:45.478685Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:45.551767Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"48nkAMzhbMOwSZqFxiyGgN\\", \\"timestamp\\": \\"2023-03-10T15:12:31.245130Z\\", \\"modified\\": \\"2023-03-10T15:12:31.245179Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:31.322507Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6n6N2stuvKuxbGiHsBFMco\\", \\"timestamp\\": \\"2023-03-10T15:13:01.735650Z\\", \\"modified\\": \\"2023-03-10T15:13:01.735687Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:01.807622Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"pf6c9XhZNK859OiFA2Gjh\\", \\"timestamp\\": \\"2023-03-10T15:13:25.509448Z\\", \\"modified\\": \\"2023-03-10T15:13:25.509492Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:25.590584Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2Si4Ac9DW26w08lqZPW5H6\\", \\"timestamp\\": \\"2023-03-10T15:14:20.891198Z\\", \\"modified\\": \\"2023-03-10T15:14:20.891239Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:20.972979Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3A5Bqc2fkKzAmLKJgey73f\\", \\"timestamp\\": \\"2023-03-10T15:14:47.543173Z\\", \\"modified\\": \\"2023-03-10T15:14:47.543257Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:47.654177Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6K6MJYL6k7Ce83ZaB18Zlo\\", \\"timestamp\\": \\"2023-03-10T15:19:07.540690Z\\", \\"modified\\": \\"2023-03-10T15:19:07.540732Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:07.633902Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1aFqKh54V5pdwEaVSyfRRw\\", \\"timestamp\\": \\"2023-03-10T15:20:00.281670Z\\", \\"modified\\": \\"2023-03-10T15:20:00.281750Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:00.378665Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"my0WoRSxLDWhMCytRciyw\\", \\"timestamp\\": \\"2023-03-10T15:21:38.477272Z\\", \\"modified\\": \\"2023-03-10T15:21:38.477327Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:38.567134Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2M8BxfsYMohqoduxTEfbaC\\", \\"timestamp\\": \\"2023-03-10T15:23:12.917150Z\\", \\"modified\\": \\"2023-03-10T15:23:12.917211Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:23:13.017792Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"Tq1TCEYVnFa6CIHoI9c5N\\", \\"timestamp\\": \\"2023-03-10T15:26:27.021892Z\\", \\"modified\\": \\"2023-03-10T15:26:27.022015Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:27.131622Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4Auw9rjACU1z7pkfugAZ1l\\", \\"timestamp\\": \\"2023-03-10T15:30:59.847794Z\\", \\"modified\\": \\"2023-03-10T15:30:59.847828Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:30:59.920369Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3nkJ96ILIshe3HI88pcUFT\\", \\"timestamp\\": \\"2023-03-10T15:34:14.336144Z\\", \\"modified\\": \\"2023-03-10T15:34:14.336218Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:14.416521Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4KWpgNOILXuduTiB6nHNqU\\", \\"timestamp\\": \\"2023-03-10T15:40:25.229981Z\\", \\"modified\\": \\"2023-03-10T15:40:25.230016Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:25.301489Z"}],"retained":"of","monitored":"marketplace","reported":"commercial","mitigated":"We","outline":{"threat":"97.163.38.65","target":"31ac456bca1952bf7584692d5064cb09.gc.ca","indicators":["technologies_order_certain.jpg","collaborating_services.xls"],"summary":"Rights and freedoms in Canada."},"labels":{"assignments":["ACE1C","APA2B"],"generic":["Drive","Super Teams","Outlook"]},"votes":{"benign":["the"],"obscure":["marketplace","feedback"],"malicious":["order","partners","To","constantly"]},"dossier":{"key_a":"[\\"work\\", \\"transition\\", \\"supports\\"]","key_b":"true"}},"assemblyline":{"antivirus":[{"type":"goods","subtype":"Canada","value":"constantly","verdict":"safe"}],"attribution":[{"type":"new","subtype":"laboratory","value":"Program","verdict":"safe"},{"type":"One","subtype":"also","value":"constantly","verdict":"malicious"},{"type":"country","subtype":"The","value":"visit","verdict":"info"}],"behaviour":[{"type":"website","subtype":"Canadian","value":"of","verdict":"suspicious"},{"type":"key","subtype":"technologies","value":"learn","verdict":"suspicious"},{"type":"evaluate","subtype":"development","value":"levels","verdict":"info"},{"type":"services","subtype":"are","value":"Innovation","verdict":"info"}],"domain":[{"type":"innovative","subtype":"the","value":"assist","verdict":"constantly"}],"heuristic":[{"type":"vendors","subtype":"product","value":"Cyber","verdict":"malicious"}],"mitre":{"tactic":[{"type":"role","subtype":"their","value":"website","verdict":"info"}],"technique":[{"type":"work","subtype":"improve","value":"open","verdict":"malicious"}]},"uri":[{"type":"but","subtype":"also","value":"bringing","verdict":"transition"},{"type":"website","subtype":"work","value":"sizes","verdict":"on"}],"yara":[{"type":"working","subtype":"us","value":"companies","verdict":"suspicious"}]},"agent":{"id":"us","name":"levels_in.jpg","type":"new","version":"8.3.4"},"cbs":{"sharepoint":{"created":{"application":"levels","user":"user"},"modified":{"application":"government","user":"user"}}},"cloud":{"account":{"id":"7gn3yPCTauEufyS7wFyh1C","name":"for_role_other.exe"},"availability_zone":"commercial","instance":{"id":"work","name":"also_provide_industry.lnk"},"machine":{"type":"technical"},"project":{"id":"bringing","name":"services.lnk"},"provider":"survey","region":"problems","service":{"name":"Azure"},"tenant_id":"7eMn0Fd05yL3gGC6gZZmxl"},"container":{"id":"laboratory","image":{"hash":{"all":["technologies","Centre"]},"name":"support_government_this.exe","tag":["certain","cutting"]},"labels":{"key_a":"across"},"name":"the_work_problems.pdf","runtime":"examine"},"destination":{"address":"programs","bytes":2714,"domain":"innovative.edu","geo":{"city_name":"program.doc","continent_code":"To","continent_name":"complex_government_innovative.exe","country_iso_code":"commercial","country_name":"to_with_art.gif","location":{"lon":2284.33,"lat":3692.18},"name":"academia_vendors.jpg","postal_code":"country","region_iso_code":"innovation","region_name":"also.doc","timezone":"problems"},"ip":"103.219.198.216","mac":"a5:49:f8:08:1c:98","nat":{"ip":"82.111.164.94","port":1081},"packets":2153,"port":2821},"dns":{"answers":[{"class":"Canada","data":"sizes","name":"other.doc","ttl":1260,"type":"transition"},{"class":"supports","data":"We","name":"experts_feedback_to.pdf","ttl":1952,"type":"companies"},{"class":"about","data":"in","name":"are.ppt","ttl":2621,"type":"The"}],"header_flags":["enhanced"],"id":"country","op_code":"this","question":{"class":"by","name":"enhanced_key.exe","registered_domain":"sizes.com","subdomain":"also.com","top_level_domain":"their.edu","type":"visit"},"resolved_ip":["157.79.127.120","43.102.58.111","132.204.133.220"],"response_code":"in","type":"companies"},"ecs":{"version":"8.2.4"},"error":{"code":"emerging","message":"Centre"},"event":{"action":"on","category":["intrusion_detection","registry"],"code":"our","created":"2023-03-09T10:21:50.951166Z","dataset":"cutting","duration":1052,"end":"2023-02-11T04:41:08.951176Z","hash":"work","id":"6HpY8G3QQmuqWARqI0iw1m","ingested":"2023-02-19T04:54:41.951184Z","kind":"enrichment","module":"laboratory","original":"edge","outcome":"unknown","provider":"CBS","reason":"supports","reference":"innovations","risk_score":3263.94,"risk_score_norm":3623.1,"sequence":504,"severity":1680,"start":"2023-02-08T08:44:21.951212Z","timezone":"One","type":["deletion","error","protocol"],"url":"work"},"email":{"attachments":[{"file":{"extension":"new","hash":{"md5":"9940ad0557da58025999082ed2cc93e8","sha1":"1df16a7838cf005a96230fc4ead9ef5cba5265b3","sha256":"4481a86ea8f2b416aef9d2f06a9f16ee648ada2f4d9dcf10e04d9ce45b873683","sha384":"1161eb409e0a95efad8602aeafa0f1181e6ba055c1527b17d2ff9fd75b557a6f98d9960aff16ed82158477f2e609a704","sha512":"94710177c323fc0fa2dd7054e86de4ffd9570466f5d2c5606974d18280e9c5b2b30581bb006e96ec3384f0dd89f94e9eb4796552652aac2da2b8e5636749a579","ssdeep":"57960:MkdinS6whXnvbTMD7g2GTN35q9eZrjwJY5bn0rPw:cQ8Pp9ymPLMw5YgvsvfvrpHXPIphjuvBFP1BfmELO0Vaq","tlsh":"Government"},"mime_type":"open","name":"development.doc","size":3408}},{"file":{"extension":"One","hash":{"md5":"086b810ab67a7e133d1017fc44d3e36c","sha1":"87256059a2e3b255f073e34e2c46f95d9385b15c","sha256":"d074845d4fd67e52bcdebda321eb54ac9711945397358c29d59cb461933441f4","sha384":"012f5fb17fc7eb6af9d04bee7d9d641ed516d670a93444464527ab0006b6bd1422ed1026d3b8c9bd7ed9bc7e2feb2df9","sha512":"ab0743cfa38097678e4181b54a3ad44182a806990d709021dfd6da979c45551561642081f1349630d1ba1e935d7f02b4e0e1647a4285b8fd428d5bebbd6d122d","ssdeep":"57362:SmYttQYPd0JJoQ9i8rpGswtbMkQsi0uAQfoqiN6eYjzQIgwOCpP:MfSS4AYvBqPuz3NUHSlPfTMk","tlsh":"commercial"},"mime_type":"partners","name":"cyber_emerging.ppt","size":535}}],"bcc":{"address":"we@technology.biz"},"cc":{"address":"potential@work.biz"},"content_type":"website","delivery_timestamp":"2023-02-15T07:41:16.951576Z","direction":"with","from":{"address":"collaborating@innovation.biz"},"local_id":"3GxHqSO1i3qDsbIS5t0p4X","message_id":"4Fq2XRynk9i8hw00hNpb8n","origination_timestamp":"2023-02-17T22:03:46.951632Z","reply_to":{"address":"engaging@government.biz"},"sender":{"address":"across@problems.biz"},"subject":"development","to":{"address":"order@supports.com"},"x_mailer":"work","parent":{"bcc":{"address":"country@by.com"},"cc":{"address":"assist@we.edu"},"from":{"address":"our@about.com"},"message_id":"2LoJe9jt7zt1BbaQ3K3e6C","origination_timestamp":"2023-03-08T06:30:28.951689Z","subject":"open","to":{"address":"with@potential.ca"},"source":"13.173.250.110","destination":"3.214.119.62"}},"faas":{"coldstart":false,"execution":"helps","id":"determine","name":"participating_cyber.doc","trigger":{"request_id":"53ebxXlwyNeenmIWQkn2So","type":"pubsub"},"version":"7.4.3"},"file":{"accessed":"2023-03-10T09:00:51.951762Z","attributes":["Government","more"],"created":"2023-03-04T07:51:59.951775Z","ctime":"2023-02-24T09:08:34.951780Z","device":"Canadian","directory":"transition/cutting/development/innovative","drive_letter":"learn","extension":"do","fork_name":"in.ppt","gid":"in","group":"USERS","inode":"working.com","mime_type":"of","mode":"defence","mtime":"2023-02-10T14:36:58.951818Z","name":"country_support.doc","owner":"vendors","path":"participating","size":1398,"target_path":"about","type":"dir","uid":"We","code_signature":{"digest_algorithm":"sha384","exists":true,"signing_id":"7Q1kWqoFrWhtu0wOWM2kVw","status":"learn","subject_name":"all_potential_innovation.doc","team_id":"216K1aJ60S6oeebHC6GFMw","timestamp":"2023-02-03T19:45:48.951902Z","trusted":false,"valid":false},"elf":{"architecture":"We","byte_order":"invite","cpu_type":"Canadian","creation_date":"participating","exports":["performs","goods","visit","improve"],"header":{"abi_version":"4.5.8","class":"marketplace","data":"defence","entrypoint":375,"object_version":"7.4.6","os_abi":"with","type":"work","version":"6.1.5"},"imports":["vendors","private","programs"],"sections":[{"chi2":458,"entropy":1384,"flags":"technology","name":"private_cyber.ppt","physical_offset":"website","physical_size":150,"type":"about","virtual_address":2550,"virtual_size":2136},{"chi2":2030,"entropy":2415,"flags":"innovation","name":"government_across_problems.xls","physical_offset":"work","physical_size":794,"type":"are","virtual_address":3841,"virtual_size":1965},{"chi2":562,"entropy":2232,"flags":"supports","name":"innovations_them.jpg","physical_offset":"enhanced","physical_size":942,"type":"this","virtual_address":2010,"virtual_size":655}],"segments":[{"chi2":2629,"entropy":3905,"flags":"transition","name":"helps.doc","physical_offset":"Cyber","physical_size":1835,"type":"technology","virtual_address":910,"virtual_size":2489},{"chi2":3614,"entropy":3579,"flags":"of","name":"are.pdf","physical_offset":"Government","physical_size":625,"type":"art","virtual_address":556,"virtual_size":2600}],"shared_libraries":["but","market"],"telfhash":"are"},"hash":{"md5":"6716e4cc0a30b39abe5fa633a184175a","sha1":"30a56813ef3ec54922169ddd47092d564df09be5","sha256":"10c5a42db4c17fdb63bbe461d07983dc0aaa014a06ad7fa867cc55f2db233649","sha384":"021de91980530ce634c133e1d047bf25248cc12edabb0e43b58e8139fdb6891c761d9136ac0a925425820a0aad98a08c","sha512":"fa1d8bd597f429e6e88aca436b762032dae825c5c6d3d7f6bbc83b43a36b7c62168fbf5999b8afde88aa43dd2f57c04d7d61b5ef0f5e09749b385b1a86668f0a","ssdeep":"78818:jxA0deExIVYuyaXhpzglJqVXEoMppO5cy:FB2f0YPyYh3PQrRajDVTZrYLPjG8","tlsh":"state"},"pe":{"architecture":"engaging","company":"transition","description":"feedback","file_version":"do_us_are.lnk","imphash":"across","original_file_name":"vendors.jpg","pehash":"private","product":"supports"}},"group":{"domain":"partners.biz","id":"enhanced","name":"innovation_the_the.xls"},"host":{"id":"cyber","ip":["145.22.74.185","58.178.33.90","106.65.4.232"],"mac":["93332DA7E3F7","3B0887EE3AEE"],"name":"innovations.lnk","domain":"order.biz","type":"evaluate"},"http":{"request":{"body":{"bytes":2423,"content":"industry"},"bytes":3444,"id":"to","method":"industry","mime_type":"of","referrer":"Centre"},"response":{"body":{"bytes":1957,"content":"innovation"},"bytes":3299,"mime_type":"Canadian","status_code":2464},"version":"5.3.1"},"organization":{"id":"79","name":"PrairiesCan"},"process":{"args":["problems","provide","private"],"args_count":737,"command_line":"working","end":"2023-03-10T07:23:42.952379Z","entity_id":"2SM84ZJmf0eLqb65QndEzL","env_vars":{"key_a":"emerging","key_b":"services"},"executable":"visit","exit_code":1736,"interactive":true,"name":"one_certain_programs.exe","parent":[{"args":["marketplace","more","all"],"args_count":1070,"command_line":"role","end":"2023-02-25T02:45:23.952438Z","entity_id":"6k2k2JBhm3E0FwAb6TpOuL","env_vars":{"key_a":"market","key_b":"programs","key_c":"new"},"executable":"certain","exit_code":1884,"interactive":true,"name":"emerging_cyber_technical.exe","pid":496,"same_as_process":false,"start":"2023-02-06T14:33:51.952486Z","user":{"id":"us","name":"engaging.xls"}},{"args":["BCIP","industry","about","transition"],"args_count":3706,"command_line":"levels","end":"2023-02-28T23:26:53.952513Z","entity_id":"2KGzLmvbI0EAufMGAQY6NV","env_vars":{"key_a":"examine","key_b":"their","key_c":"programs","key_d":"stays"},"executable":"partnerships","exit_code":1418,"interactive":false,"name":"centre_feedback.exe","pid":3478,"same_as_process":true,"start":"2023-02-08T07:19:02.952559Z","user":{"id":"vendors","name":"invite_development_all.exe"}},{"args":["by","about","partnerships","visit"],"args_count":1718,"command_line":"One","end":"2023-03-09T23:34:40.952585Z","entity_id":"35tAYdV8I8W2GobnNDNP7i","env_vars":{"key_a":"also","key_b":"supports","key_c":"We"},"executable":"development","exit_code":2215,"interactive":true,"name":"one_also_emerging.exe","pid":1207,"same_as_process":true,"start":"2023-03-07T21:48:46.952628Z","user":{"id":"improve","name":"with_defence.pdf"}}],"pid":3409,"same_as_process":true,"start":"2023-03-02T11:43:58.952643Z","title":"improve","uptime":3372,"user":{"id":"transition","name":"survey_technology.doc"},"working_directory":"market/support/potential"},"registry":{"data":{"bytes":"are","strings":["levels"],"type":"working"},"hive":"stays","key":"stays","path":"them","value":"environment"},"related":{"hash":["working","supports","collaborating"],"hosts":["innovative.edu"],"ip":["48.166.58.216","121.124.133.250","22.134.210.1","147.126.253.60"],"user":["admin","admin"],"id":"work","uri":["http://more.biz/experts/to/Canadian/other/is","http://other.ca/Build/Innovation/from/development"],"signature":["tools","bringing"]},"server":{"ip":"170.33.216.50","address":"state","domain":"improve.edu"},"source":{"address":"programs","bytes":2201,"domain":"to.edu","geo":{"city_name":"state.xls","continent_code":"product","continent_name":"open_vendors.gif","country_iso_code":"Government","country_name":"are.pdf","location":{"lon":2771.15,"lat":3340.28},"name":"innovation.jpg","postal_code":"their","region_iso_code":"For","region_name":"government_cyber_survey.exe","timezone":"with"},"ip":"215.21.214.112","mac":"30:33:f3:85:98:77","nat":{"ip":"87.145.57.214","port":806},"packets":4004,"port":586},"threat":{"feed":{"dashboard_id":"4u3NMsCTu7HVj5aKHfNK9F","description":"goods","name":"engaging.doc","reference":"the"},"framework":"MITRE ATT&CK","group":{"alias":["examine","private","collaborating","with"],"id":"their","name":"program_transition.ppt","reference":"technology"},"indicator":{"confidence":"state","description":"English and French linguistic communities in New Brunswick.","email":{"address":"Innovation"},"provider":"all","reference":"our","scanner_stats":970,"sightings":1803,"ip":"76.131.73.77","type":"promote","first_seen":"2023-02-23T05:42:48.952914Z","last_seen":"2023-02-13T05:28:26.952919Z"},"software":{"alias":["Government","them"],"id":"technical","name":"marketplace.xls","platform":["this","engaging"],"reference":"but","type":"marketplace"},"tactic":{"id":"TA0011","name":"Command and Control","reference":"academia"},"technique":{"id":"T1566.002","name":"Spearphishing Link","reference":"promote"}},"tls":{"version":"4.0.4","version_protocol":"7.0.0","client":{"server_name":"emerging.gif","ja3":"Centre"},"server":{"ja3s":"vendors"}},"url":{"domain":"partnerships.edu","extension":"technologies","fragment":"We","full":"support","original":"state","password":"with","path":"country","port":4062,"query":"testing","registered_domain":"for.com","scheme":"on","subdomain":"one.biz","top_level_domain":"stays.ca","username":"admin"},"user":{"domain":"determine.biz","email":"commercial@technical.edu","full_name":"to_enhanced.lnk","group":{"domain":"role.ca","id":"technical","name":"state_technical_is.pdf"},"hash":"authority","id":"Build","name":"performs","roles":["participating","improve","open","programs"]},"user_agent":{"device":{"name":"problems_stays_promote.gif"},"name":"survey_about.jpg","original":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.46","os":{"family":"to","full":"but","kernel":"transition","name":"levels.ppt","platform":"new","type":"For","version":"4.2.7"},"version":"5.5.7"},"vulnerability":{"category":["other"],"classification":"do","description":"determine","enumeration":"BCIP","id":"academia","reference":"improve","report_id":"4KkuK5QVBuI7PGADWVOkBE"}},"6dYKdQpkZ7S6NTxSdyUBC4":{"timestamp":"2023-03-09T14:45:49.269447Z","labels":{"key_a":"academia","key_b":"academia"},"tags":["about","Canada","provide","product"],"howler":{"id":"6dYKdQpkZ7S6NTxSdyUBC4","analytic":"HERETIC","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Reconnaissance","hash":"ede8b35f538993d4fee9de2638032eef4228e2fc92f8d48dd111a0831fccbd26","related":["other","role"],"reliability":1591.24,"severity":595.78,"volume":1340.25,"confidence":715.43,"score":3203.92,"status":"open","scrutiny":"inspected","escalation":"hit","assessment":null,"comment":[{"id":"7CiaK9t4sFlqcvLtspOoQk","timestamp":"2023-02-16T10:55:08.269636Z","modified":"2023-03-03T10:37:43.269642Z","value":"Equality before and under law and equal protection and benefit of law.","user":"admin"},{"id":"4PmrC0HZcoacnz9UHJnqR3","timestamp":"2023-03-01T10:33:42.269673Z","modified":"2023-02-12T21:09:47.269676Z","value":"Parliament or the legislature of a province may expressly declare in an Act of Parliament or of the legislature, as the case may be, that the Act or a provision thereof shall operate notwithstanding a provision included in section 2 or sections 7 to 15 of this Charter.","user":"shawnh"},{"id":"2aX5G4rG5B7O4pLikRD3gH","timestamp":"2023-02-15T08:28:22.269703Z","modified":"2023-02-15T08:36:37.269706Z","value":"Whereas Canada is founded upon principles that recognize the supremacy of God and the rule of law.","user":"user"},{"id":"7FQF9jTzcDt4YT3YvOU0Xu","timestamp":"2023-02-21T11:25:32.269732Z","modified":"2023-02-16T05:51:14.269735Z","value":"Everyone has the following fundamental freedoms.","user":"admin"},{"modified":"2023-03-10T14:55:00.283305Z","id":"56coh76iBhNoknxeto981M","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:00.283249Z"},{"modified":"2023-03-10T14:55:40.204833Z","id":"2VSZAx64KiBIK1jJ8UXHfG","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:40.204782Z"},{"modified":"2023-03-10T15:11:45.780099Z","id":"3Gu5yI29cCBAx6na38ttnP","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:45.780056Z"},{"modified":"2023-03-10T15:12:31.552687Z","id":"3aMOiba9ARDMAwyjObwlbK","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:31.552646Z"},{"modified":"2023-03-10T15:13:02.051361Z","id":"5vJx9sU1DzZEeesAw5F5iA","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:02.051312Z"},{"modified":"2023-03-10T15:13:25.818724Z","id":"2dFihwqr7DOdEp01Chk2CE","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:25.818689Z"},{"modified":"2023-03-10T15:14:21.207662Z","id":"jQ8RYj21qGAt0i7VrRDwS","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:21.207625Z"},{"modified":"2023-03-10T15:14:47.865503Z","id":"5G6UVteGNZgESWzRlNxSjo","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:47.865457Z"},{"modified":"2023-03-10T15:19:07.895475Z","id":"7c91GPiaXvKNOS8x7SX0Mo","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:07.895425Z"},{"modified":"2023-03-10T15:20:00.678528Z","id":"1okxnPjvTbokzl3k4hJzTW","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:00.678469Z"},{"modified":"2023-03-10T15:21:38.833282Z","id":"1kZGu7n78QZeEdgWEY0Exn","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:38.833222Z"},{"modified":"2023-03-10T15:23:13.276154Z","id":"1y4aKTNniXUfbEdCzOM7aI","value":"test","user":"shawnh","timestamp":"2023-03-10T15:23:13.276102Z"},{"modified":"2023-03-10T15:26:27.468487Z","id":"2oAKQdl4b1UxTRogahIJWR","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:27.468418Z"},{"modified":"2023-03-10T15:31:00.154851Z","id":"1xJhh9W0ZcOdLb9RacCfzq","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:00.154810Z"},{"modified":"2023-03-10T15:34:14.638565Z","id":"1NllO1eDmjA2HwkHanh8ix","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:14.638529Z"},{"modified":"2023-03-10T15:40:25.547249Z","id":"6b4bGAqvuaZaZ6t2AGuh18","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:25.547181Z"}],"log":[{"timestamp":"2023-03-04T05:22:23.269746Z","key":"private","explanation":"Rights and freedoms in Canada.","new_value":"Innovation","type":"appended","previous_value":"determine","user":"user"},{"timestamp":"2023-03-08T11:30:11.269766Z","key":"the","explanation":"A party or witness in any proceedings who does not understand or speak the language in which the proceedings are conducted or who is deaf has the right to the assistance of an interpreter.","new_value":"defence","type":"appended","previous_value":"about","user":"admin"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"56coh76iBhNoknxeto981M\\", \\"timestamp\\": \\"2023-03-10T14:55:00.283249Z\\", \\"modified\\": \\"2023-03-10T14:55:00.283305Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:00.367630Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2VSZAx64KiBIK1jJ8UXHfG\\", \\"timestamp\\": \\"2023-03-10T14:55:40.204782Z\\", \\"modified\\": \\"2023-03-10T14:55:40.204833Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:40.278776Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3Gu5yI29cCBAx6na38ttnP\\", \\"timestamp\\": \\"2023-03-10T15:11:45.780056Z\\", \\"modified\\": \\"2023-03-10T15:11:45.780099Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:45.852864Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3aMOiba9ARDMAwyjObwlbK\\", \\"timestamp\\": \\"2023-03-10T15:12:31.552646Z\\", \\"modified\\": \\"2023-03-10T15:12:31.552687Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:31.631555Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5vJx9sU1DzZEeesAw5F5iA\\", \\"timestamp\\": \\"2023-03-10T15:13:02.051312Z\\", \\"modified\\": \\"2023-03-10T15:13:02.051361Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:02.132233Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2dFihwqr7DOdEp01Chk2CE\\", \\"timestamp\\": \\"2023-03-10T15:13:25.818689Z\\", \\"modified\\": \\"2023-03-10T15:13:25.818724Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:25.889781Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"jQ8RYj21qGAt0i7VrRDwS\\", \\"timestamp\\": \\"2023-03-10T15:14:21.207625Z\\", \\"modified\\": \\"2023-03-10T15:14:21.207662Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:21.278184Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5G6UVteGNZgESWzRlNxSjo\\", \\"timestamp\\": \\"2023-03-10T15:14:47.865457Z\\", \\"modified\\": \\"2023-03-10T15:14:47.865503Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:47.929888Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7c91GPiaXvKNOS8x7SX0Mo\\", \\"timestamp\\": \\"2023-03-10T15:19:07.895425Z\\", \\"modified\\": \\"2023-03-10T15:19:07.895475Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:07.979296Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1okxnPjvTbokzl3k4hJzTW\\", \\"timestamp\\": \\"2023-03-10T15:20:00.678469Z\\", \\"modified\\": \\"2023-03-10T15:20:00.678528Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:00.787324Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1kZGu7n78QZeEdgWEY0Exn\\", \\"timestamp\\": \\"2023-03-10T15:21:38.833222Z\\", \\"modified\\": \\"2023-03-10T15:21:38.833282Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:38.967847Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1y4aKTNniXUfbEdCzOM7aI\\", \\"timestamp\\": \\"2023-03-10T15:23:13.276102Z\\", \\"modified\\": \\"2023-03-10T15:23:13.276154Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:23:13.360048Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2oAKQdl4b1UxTRogahIJWR\\", \\"timestamp\\": \\"2023-03-10T15:26:27.468418Z\\", \\"modified\\": \\"2023-03-10T15:26:27.468487Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:27.572868Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1xJhh9W0ZcOdLb9RacCfzq\\", \\"timestamp\\": \\"2023-03-10T15:31:00.154810Z\\", \\"modified\\": \\"2023-03-10T15:31:00.154851Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:00.236734Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1NllO1eDmjA2HwkHanh8ix\\", \\"timestamp\\": \\"2023-03-10T15:34:14.638529Z\\", \\"modified\\": \\"2023-03-10T15:34:14.638565Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:14.707363Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6b4bGAqvuaZaZ6t2AGuh18\\", \\"timestamp\\": \\"2023-03-10T15:40:25.547181Z\\", \\"modified\\": \\"2023-03-10T15:40:25.547249Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:25.624165Z"}],"retained":"stays","monitored":"Cyber","reported":"marketplace","mitigated":"is","outline":{"threat":"53.183.207.158","target":"academia.com","indicators":["goods_defence.doc","our_problems_cyber.jpg","market_work.exe","engaging_emerging.pdf","supports.exe","cutting.xls","participating_commercial_are.gif","is_cyber.lnk","of.doc","by_partnerships.doc","in_invite_one.jpg","stays.lnk","in.ppt","open.xls"],"summary":"Anyone whose rights or freedoms, as guaranteed by this Charter, have been infringed or denied may apply to a court of competent jurisdiction to obtain such remedy as the court considers appropriate and just in the circumstances."},"labels":{"assignments":["APA2B","ACE1C","ADS2A"],"generic":["Drive","Outlook","Documentation"]},"votes":{"benign":["of","Canadian","partners"],"obscure":["country"],"malicious":["sizes","working","support","their"]},"dossier":{"key_a":"[\\"private\\", \\"government\\"]","key_b":"false","key_c":"private"}},"assemblyline":{"antivirus":[{"type":"Innovation","subtype":"support","value":"edge","verdict":"suspicious"},{"type":"cutting","subtype":"an","value":"authority","verdict":"suspicious"}],"attribution":[{"type":"potential","subtype":"also","value":"improve","verdict":"safe"},{"type":"Canadian","subtype":"state","value":"government","verdict":"malicious"},{"type":"state","subtype":"partnerships","value":"in","verdict":"malicious"},{"type":"technical","subtype":"visit","value":"key","verdict":"safe"}],"behaviour":[{"type":"also","subtype":"improve","value":"us","verdict":"info"}],"domain":[{"type":"helps","subtype":"enhanced","value":"but","verdict":"of"},{"type":"from","subtype":"authority","value":"cyber","verdict":"product"}],"heuristic":[{"type":"with","subtype":"services","value":"work","verdict":"safe"},{"type":"technical","subtype":"evaluate","value":"from","verdict":"info"},{"type":"innovation","subtype":"on","value":"goods","verdict":"safe"}],"mitre":{"tactic":[{"type":"Cyber","subtype":"of","value":"stays","verdict":"suspicious"},{"type":"Build","subtype":"engaging","value":"Government","verdict":"info"}],"technique":[{"type":"art","subtype":"vendors","value":"also","verdict":"suspicious"},{"type":"Innovation","subtype":"problems","value":"Innovation","verdict":"safe"},{"type":"our","subtype":"certain","value":"levels","verdict":"safe"}]},"uri":[{"type":"complex","subtype":"learn","value":"development","verdict":"partnerships"},{"type":"collaborating","subtype":"potential","value":"improve","verdict":"technical"}],"yara":[{"type":"all","subtype":"emerging","value":"assist","verdict":"suspicious"},{"type":"innovative","subtype":"technology","value":"them","verdict":"malicious"},{"type":"testing","subtype":"new","value":"environment","verdict":"safe"},{"type":"website","subtype":"vendors","value":"Cyber","verdict":"safe"}]},"agent":{"id":"Canadian","name":"them_innovations_but.ppt","type":"in","version":"8.2.5"},"cbs":{"sharepoint":{"created":{"application":"helps","user":"admin"},"modified":{"application":"The","user":"admin"}}},"cloud":{"account":{"id":"280tStY2xpvZuAOjbHbSx2","name":"engaging_academia.lnk"},"availability_zone":"engaging","instance":{"id":"government","name":"provide_industry.pdf"},"machine":{"type":"technologies"},"project":{"id":"transition","name":"about_website.doc"},"provider":"potential","region":"their","service":{"name":"Google Docs"},"tenant_id":"2EskWgi1UT3AO9A6lp4MOA"},"container":{"id":"development","image":{"hash":{"all":["innovation","Centre"]},"name":"state_the_us.jpg","tag":["invite","Build","working"]},"labels":{"key_a":"companies","key_b":"promote","key_c":"evaluate"},"name":"feedback_for.jpg","runtime":"partners"},"destination":{"address":"Centre","bytes":1301,"domain":"goods.com","geo":{"city_name":"invite_them.lnk","continent_code":"constantly","continent_name":"performs.exe","country_iso_code":"of","country_name":"supports_from.pdf","location":{"lon":3819,"lat":733.62},"name":"technical_canada.xls","postal_code":"survey","region_iso_code":"this","region_name":"authority.ppt","timezone":"invite"},"ip":"205.124.113.210","mac":"05:5d:61:76:c0:f8","nat":{"ip":"61.109.56.3","port":3839},"packets":3660,"port":638},"dns":{"answers":[{"class":"Cyber","data":"collaborating","name":"development_goods.lnk","ttl":1414,"type":"For"},{"class":"supports","data":"technical","name":"one_marketplace.jpg","ttl":1237,"type":"of"}],"header_flags":["learn","market"],"id":"supports","op_code":"performs","question":{"class":"Government","name":"innovation_complex.lnk","registered_domain":"provide.edu","subdomain":"academia.biz","top_level_domain":"selling.com","type":"assist"},"resolved_ip":["127.45.216.31","66.211.137.218","61.127.53.202","184.90.249.128"],"response_code":"security","type":"Government"},"ecs":{"version":"7.1.4"},"error":{"code":"The","message":"complex"},"event":{"action":"programs","category":["registry","web"],"code":"to","created":"2023-03-09T04:46:38.270625Z","dataset":"new","duration":2325,"end":"2023-03-09T07:43:30.270667Z","hash":"One","id":"6dYKdQpkZ7S6NTxSdyUBC4","ingested":"2023-02-12T11:54:39.270683Z","kind":"state","module":"Centre","original":"visit","outcome":"unknown","provider":"AssemblyLine","reason":"To","reference":"order","risk_score":1058.01,"risk_score_norm":3029.57,"sequence":2248,"severity":2097,"start":"2023-03-09T05:28:53.270717Z","timezone":"provide","type":["group","protocol","allowed"],"url":"selling"},"email":{"attachments":[{"file":{"extension":"technologies","hash":{"md5":"1ca1063fcd652f36400b9829dab8a3e5","sha1":"121a968227d5fb8b6d14196c20ed8c4b90c236ad","sha256":"80e175149277b67d4b741ab8f5bb6e2656bcf0304d704df54ad9a9ae80c1d0e9","sha384":"b29708ec85a4457d556b39186ea0d3e287abc3aa591e815f8dceb674352131c4d63a61f66655f60b33eb4a10ca1f8835","sha512":"77962d633cec8de1f6304b8309811755181dbd2cfec9372b3e8472ea038ab5f96da716ca41985b460428227644b8eae2c1a9e71179df728ab75d4071c648e48f","ssdeep":"82261:SwgfMz03KF5mctn8DPcs:3YiQU8KdhkvXmSx4Hlxzmh0sArjfwBrcILA3E0DjPMjiOT","tlsh":"security"},"mime_type":"partnerships","name":"edge.exe","size":3207}},{"file":{"extension":"supports","hash":{"md5":"e4d066064bc98811bcc9d27086b06a30","sha1":"99d6d9e4818aa58301b048edeb218d18b76225a5","sha256":"4233b1b7b206a944cf1ba79f02746734f19c7d752686dc3fa468a90df36d292c","sha384":"d3031e574c114907483c1ce1117291e8ce7d03eec03d903c1a6cb1c2e2339f3b3189ce56cdb24441dc1ba5ab1c3a3760","sha512":"f61bb35112eb26cb951b57e894d251dff80a9983feb3501e69213c9c0d6d6ba503d9448bc5f4867b13923f41d059fdb8b50b8b70b3fd7ed4539bcf28befa3a1d","ssdeep":"58488:GeKNPrcucd3idqnvdfjgz5umg8MKAVE20xMQ8XbPc8XjDPQ5CQ7p1fNIXPs:5tKB2p1KPXonX5Yw4j7MoCOZLRs9AI9vzBMD9prq1m0Pe5Z","tlsh":"levels"},"mime_type":"key","name":"technologies.ppt","size":3078}},{"file":{"extension":"assist","hash":{"md5":"308157a73518ebad94407ce9ec17b8bd","sha1":"f2f7d39584526aeeb14ddf4af4e904d8aa6164f5","sha256":"fb534c41408f3169edba6597a54991b03748a1e7c02fadbdef70dc96b5223833","sha384":"bae70b50f7d4d6213b8ce29837d3bce6ac82141f669ee55c510848aeb1c070c9ced4fb7c2348d87a1b12b81f6f7b2ef2","sha512":"1f3b2d13b7ef622c40bfb0f66c4d70f140ccce3117440c5f040623a469b27e08beb0e36f5a902e3d510280b0ced99aab26e0a6fd9c0bc43c80176fa92b3a8cdb","ssdeep":"32183:sSd4PCMorDSiP7e1daeG4I1MO09UyBo31Vesa20fkzpQGyJGB0E1jCIUh17dpBe8:XHjJBrPKoD2zmMLD7td2aUOmbp7RnAlJ","tlsh":"performs"},"mime_type":"more","name":"also_the.gif","size":2681}}],"bcc":{"address":"innovative@for.biz"},"cc":{"address":"key@edge.edu"},"content_type":"BCIP","delivery_timestamp":"2023-02-24T08:41:42.271298Z","direction":"us","from":{"address":"innovations@bringing.edu"},"local_id":"2y6WtleDzEqm9h4V1AztcX","message_id":"1pkUHgEWaGOeck635xSzaI","origination_timestamp":"2023-02-28T23:52:01.271358Z","reply_to":{"address":"development@of.ca"},"sender":{"address":"state@innovative.biz"},"subject":"to","to":{"address":"examine@for.ca"},"x_mailer":"product","parent":{"bcc":{"address":"cutting@partners.ca"},"cc":{"address":"evaluate@learn.biz"},"from":{"address":"working@art.edu"},"message_id":"24njwKAOtJrXKuWmtvHJkZ","origination_timestamp":"2023-02-23T14:58:50.271414Z","subject":"visit","to":{"address":"examine@tools.edu"},"source":"29.152.59.181","destination":"9.67.227.190"}},"faas":{"coldstart":true,"execution":"problems","id":"partnerships","name":"program_security_innovation.pdf","trigger":{"request_id":"7lBhtd1rb7gWkwINUlH1kj","type":"http"},"version":"4.3.0"},"file":{"accessed":"2023-02-11T12:40:18.271489Z","attributes":["participating","new","innovative"],"created":"2023-02-22T14:53:49.271504Z","ctime":"2023-02-11T12:37:25.271508Z","device":"industry","directory":"build/partners/about","drive_letter":"improve","extension":"determine","fork_name":"performs_performs_goods.ppt","gid":"but","group":"USERS","inode":"are.biz","mime_type":"levels","mode":"sizes","mtime":"2023-02-26T10:51:03.271548Z","name":"program_selling_canadian.xls","owner":"order","path":"constantly","size":3173,"target_path":"participating","type":"file","uid":"collaborating","code_signature":{"digest_algorithm":"md5","exists":true,"signing_id":"47FVdxPAJJXuoWZocNsMTj","status":"support","subject_name":"assist.ppt","team_id":"3lXuj7IIYOtNC2dmPTEy4Q","timestamp":"2023-03-01T17:23:06.271631Z","trusted":true,"valid":false},"elf":{"architecture":"enhanced","byte_order":"their","cpu_type":"survey","creation_date":"with","exports":["Government","bringing","feedback","role"],"header":{"abi_version":"4.0.3","class":"but","data":"other","entrypoint":1418,"object_version":"5.2.8","os_abi":"supports","type":"services","version":"4.3.5"},"imports":["do"],"sections":[{"chi2":2734,"entropy":813,"flags":"cyber","name":"in_canadian_security.xls","physical_offset":"but","physical_size":529,"type":"helps","virtual_address":2423,"virtual_size":2228},{"chi2":2955,"entropy":3065,"flags":"other","name":"art_work.doc","physical_offset":"technologies","physical_size":823,"type":"stays","virtual_address":772,"virtual_size":2938},{"chi2":2839,"entropy":3268,"flags":"The","name":"support_country.lnk","physical_offset":"art","physical_size":3234,"type":"other","virtual_address":281,"virtual_size":2665},{"chi2":2927,"entropy":3767,"flags":"technical","name":"promote_work_goods.pdf","physical_offset":"complex","physical_size":2571,"type":"The","virtual_address":3851,"virtual_size":242}],"segments":[{"chi2":3160,"entropy":3087,"flags":"innovative","name":"support_an_other.gif","physical_offset":"our","physical_size":3924,"type":"support","virtual_address":1638,"virtual_size":3916},{"chi2":648,"entropy":1366,"flags":"performs","name":"potential_edge.ppt","physical_offset":"cyber","physical_size":3298,"type":"complex","virtual_address":3321,"virtual_size":1502},{"chi2":3919,"entropy":1429,"flags":"innovation","name":"industry.xls","physical_offset":"assist","physical_size":2802,"type":"performs","virtual_address":4033,"virtual_size":2317},{"chi2":1833,"entropy":2143,"flags":"Canadian","name":"innovation_cyber.jpg","physical_offset":"The","physical_size":2622,"type":"on","virtual_address":2957,"virtual_size":3621}],"shared_libraries":["assist"],"telfhash":"complex"},"hash":{"md5":"5c8ac576954a35b71f60ea5d7578799e","sha1":"d8db65ac12189a717486f86d19cf924430937d1b","sha256":"9d181f587da4c8ce7c5e89dc1cbdd15861472ccef0bfe1a5d2f750ea3dc14126","sha384":"3b6783e88432e50e255b327fd6c71ca428fb6b0b6066868dd56c1f65a50deef099a308cb45bc914961cd488befd20b01","sha512":"e1e75f7e73eefdaba417f09d6e27593328cf7d7fad97a45b580d24fbe8d8f1037dfcd07f507dcd324439d52b853e1eb966b1e6bf049a888fe4373b94fdd6954b","ssdeep":"85858:aL8xBmXLkt2ZkefF8b7r10h80hOz1UQ1aRsCJ7OXJM0nZbSFSRcoy0yjrLEs2:av4kumOGiSS08EqviVUuxkBw0VwP5C2MYBo8DI40ktexdKXThY","tlsh":"order"},"pe":{"architecture":"engaging","company":"tools","description":"but","file_version":"development_is_to.jpg","imphash":"marketplace","original_file_name":"support.pdf","pehash":"For","product":"about"}},"group":{"domain":"build.ca","id":"experts","name":"our_selling.exe"},"host":{"id":"cyber","ip":["189.205.234.2","148.99.91.183","88.58.252.41"],"mac":["BA6F999455BE","B49B5AC35A31","104A49AE1638","98C50245132F"],"name":"emerging.pdf","domain":"constantly.ca","type":"services"},"http":{"request":{"body":{"bytes":1969,"content":"are"},"bytes":2148,"id":"the","method":"collaborating","mime_type":"marketplace","referrer":"transition"},"response":{"body":{"bytes":665,"content":"The"},"bytes":1272,"mime_type":"website","status_code":3485},"version":"7.0.0"},"organization":{"id":"159","name":"RCAF"},"process":{"args":["For"],"args_count":3361,"command_line":"tools","end":"2023-03-03T20:13:44.272220Z","entity_id":"4dutPCijNZac1aUrJmrDqU","env_vars":{"key_a":"also","key_b":"problems","key_c":"innovations","key_d":"from"},"executable":"government","exit_code":1195,"interactive":false,"name":"supports_transition.xls","parent":[{"args":["partners","For","art"],"args_count":3519,"command_line":"private","end":"2023-03-01T14:01:46.272288Z","entity_id":"2vvpB32TLavOVEdgG6zEmg","env_vars":{"key_a":"do","key_b":"working"},"executable":"from","exit_code":1867,"interactive":true,"name":"levels_all.exe","pid":3152,"same_as_process":false,"start":"2023-03-08T00:53:36.272337Z","user":{"id":"support","name":"stays_order_companies.lnk"}}],"pid":2875,"same_as_process":true,"start":"2023-03-04T18:47:59.272356Z","title":"helps","uptime":2095,"user":{"id":"across","name":"testing_sizes_key.lnk"},"working_directory":"partners/on/innovation/cyber/cyber"},"registry":{"data":{"bytes":"participating","strings":["authority","cyber"],"type":"work"},"hive":"certain","key":"levels","path":"feedback","value":"To"},"related":{"hash":["market","learn","To"],"hosts":["innovative.com","experts.com"],"ip":["89.122.45.78","111.135.2.76","178.130.171.84","47.26.223.236"],"user":["admin","user","user","admin"],"id":"bringing","uri":["https://country.ca/Cyber/us/engaging/Canada/enhanced/feedback","ftp://goods.com/but/them/new/cyber","http://feedback.biz/complex/Innovation/market/participating","ftp://our.com/in/services/The/partners"],"signature":["bringing","marketplace"]},"server":{"ip":"88.90.56.65","address":"more","domain":"marketplace.edu"},"source":{"address":"Program","bytes":354,"domain":"state.biz","geo":{"city_name":"their_cyber.gif","continent_code":"constantly","continent_name":"this_survey.jpg","country_iso_code":"state","country_name":"services_invite_sizes.gif","location":{"lon":1256.09,"lat":2668.62},"name":"improve_stays.ppt","postal_code":"new","region_iso_code":"order","region_name":"from_assist_complex.pdf","timezone":"state"},"ip":"23.205.43.95","mac":"33:d9:d0:b9:6a:a5","nat":{"ip":"219.232.73.201","port":1108},"packets":258,"port":2401},"threat":{"feed":{"dashboard_id":"44rSI5N0qs4ruOzHsrm72A","description":"art","name":"certain_examine_vendors.exe","reference":"Canadian"},"framework":"Custom","group":{"alias":["do","For"],"id":"but","name":"collaborating_country.gif","reference":"Canadian"},"indicator":{"confidence":"Centre","description":"Every citizen of Canada has the right to vote in an election of members of the House of Commons or of a legislative assembly and to be qualified for membership therein.","email":{"address":"security"},"provider":"market","reference":"programs","scanner_stats":1192,"sightings":867,"ip":"205.29.46.208","type":"Program","first_seen":"2023-02-10T12:50:45.272672Z","last_seen":"2023-02-21T07:06:21.272677Z"},"software":{"alias":["vendors","tools","in","technology"],"id":"government","name":"emerging.jpg","platform":["innovation","enhanced","We"],"reference":"government","type":"is"},"tactic":{"id":"TA0043","name":"Reconnaissance","reference":"provide"},"technique":{"id":"T1055.001","name":"Dynamic-link Library Injection","reference":"emerging"}},"tls":{"version":"7.5.8","version_protocol":"5.0.4","client":{"server_name":"is.gif","ja3":"survey"},"server":{"ja3s":"engaging"}},"url":{"domain":"our.edu","extension":"performs","fragment":"also","full":"helps","original":"transition","password":"problems","path":"role","port":3387,"query":"website","registered_domain":"constantly.edu","scheme":"companies","subdomain":"laboratory.biz","top_level_domain":"vendors.biz","username":"admin"},"user":{"domain":"performs.edu","email":"work@security.edu","full_name":"learn_state.ppt","group":{"domain":"from.com","id":"emerging","name":"by.jpg"},"hash":"determine","id":"security","name":"academia","roles":["transition","art","levels"]},"user_agent":{"device":{"name":"bringing_also_enhanced.exe"},"name":"new_constantly.exe","original":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0","os":{"family":"emerging","full":"other","kernel":"provide","name":"collaborating.gif","platform":"testing","type":"enhanced","version":"4.1.2"},"version":"5.2.9"},"vulnerability":{"category":["other","working","Build"],"classification":"cutting","description":"our","enumeration":"in","id":"role","reference":"companies","report_id":"3xRoR3QbfpCe8YzgslXQIO"}},"7k17Yxyz41rrKRQV6KE0zP":{"timestamp":"2023-02-23T03:03:42.414975Z","labels":{"key_a":"examine","key_b":"more","key_c":"innovation","key_d":"services"},"tags":["country","problems"],"howler":{"id":"7k17Yxyz41rrKRQV6KE0zP","analytic":"cmt.aws.sigma.rules","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Persistence","hash":"d2684ff301ac48e60339e41d1b4102289a78e063eeb32c2a3807916ef0be5897","related":["other","support","programs","assist"],"reliability":1554.6,"severity":3460.72,"volume":187.18,"confidence":2891.39,"score":3977.63,"status":"open","scrutiny":"inspected","escalation":"alert","assessment":null,"comment":[{"id":"6nxoUj9Q3exUT79BuGCHyj","timestamp":"2023-02-23T11:34:25.415145Z","modified":"2023-03-07T15:50:18.415151Z","value":"Applies wherever in the province the number of children of citizens who have such a right is sufficient to warrant the provision to them out of public funds of minority language instruction.","user":"admin"},{"modified":"2023-03-10T14:55:00.641384Z","id":"wPKFnhsL9XSfWN6uD1Yxs","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:00.641316Z"},{"modified":"2023-03-10T14:55:40.508118Z","id":"6CvmYBEvnQ08hePE1VJec7","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:40.508078Z"},{"modified":"2023-03-10T15:11:46.077075Z","id":"6PmXZc16cEqVEcs23IiuB","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:46.077041Z"},{"modified":"2023-03-10T15:12:31.867636Z","id":"69msH8PknY3hrcLdQXr1qD","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:31.867589Z"},{"modified":"2023-03-10T15:13:02.353781Z","id":"5AaFA1JD2NNWgRdZqyRGjp","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:02.353746Z"},{"modified":"2023-03-10T15:13:26.116304Z","id":"4YCCadbJAlqS7kVSgTpL5","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:26.116269Z"},{"modified":"2023-03-10T15:14:21.513386Z","id":"4hJykE87bIndVLJJCU4pfP","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:21.513337Z"},{"modified":"2023-03-10T15:14:48.162517Z","id":"4olWIpiTacXdiUcW2wohaM","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:48.162469Z"},{"modified":"2023-03-10T15:19:08.241038Z","id":"3mz2YI0g5TJQNY3cY1Ug22","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:08.240986Z"},{"modified":"2023-03-10T15:20:01.071654Z","id":"7hqb5hA7D593CDyEoKNa9q","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:01.071426Z"},{"modified":"2023-03-10T15:21:39.374388Z","id":"32e8R3p2XkhYPv4w2A7i9B","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:39.374300Z"},{"modified":"2023-03-10T15:23:13.630233Z","id":"2xyATdTQQTxQcjTFD9QTBB","value":"test","user":"shawnh","timestamp":"2023-03-10T15:23:13.630175Z"},{"modified":"2023-03-10T15:26:27.866959Z","id":"1KsMNyfeTLWdS75YxMi6er","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:27.866911Z"},{"modified":"2023-03-10T15:31:00.463374Z","id":"4znb6WaelOW4cAt7G154Tl","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:00.463337Z"},{"modified":"2023-03-10T15:34:14.934586Z","id":"5KvaFOrl58cIZzlCZBfAw0","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:14.934508Z"},{"modified":"2023-03-10T15:40:25.839720Z","id":"5Y9TDXJVeVSVbZyywLQDtS","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:25.839669Z"}],"log":[{"timestamp":"2023-02-17T02:18:48.415162Z","key":"us","explanation":"Fundamental freedoms.","new_value":"determine","type":"set","previous_value":"industry","user":"admin"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"wPKFnhsL9XSfWN6uD1Yxs\\", \\"timestamp\\": \\"2023-03-10T14:55:00.641316Z\\", \\"modified\\": \\"2023-03-10T14:55:00.641384Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:00.772915Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6CvmYBEvnQ08hePE1VJec7\\", \\"timestamp\\": \\"2023-03-10T14:55:40.508078Z\\", \\"modified\\": \\"2023-03-10T14:55:40.508118Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:40.580383Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6PmXZc16cEqVEcs23IiuB\\", \\"timestamp\\": \\"2023-03-10T15:11:46.077041Z\\", \\"modified\\": \\"2023-03-10T15:11:46.077075Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:46.148397Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"69msH8PknY3hrcLdQXr1qD\\", \\"timestamp\\": \\"2023-03-10T15:12:31.867589Z\\", \\"modified\\": \\"2023-03-10T15:12:31.867636Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:31.943413Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5AaFA1JD2NNWgRdZqyRGjp\\", \\"timestamp\\": \\"2023-03-10T15:13:02.353746Z\\", \\"modified\\": \\"2023-03-10T15:13:02.353781Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:02.424538Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4YCCadbJAlqS7kVSgTpL5\\", \\"timestamp\\": \\"2023-03-10T15:13:26.116269Z\\", \\"modified\\": \\"2023-03-10T15:13:26.116304Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:26.189939Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4hJykE87bIndVLJJCU4pfP\\", \\"timestamp\\": \\"2023-03-10T15:14:21.513337Z\\", \\"modified\\": \\"2023-03-10T15:14:21.513386Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:21.596215Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4olWIpiTacXdiUcW2wohaM\\", \\"timestamp\\": \\"2023-03-10T15:14:48.162469Z\\", \\"modified\\": \\"2023-03-10T15:14:48.162517Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:48.243158Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3mz2YI0g5TJQNY3cY1Ug22\\", \\"timestamp\\": \\"2023-03-10T15:19:08.240986Z\\", \\"modified\\": \\"2023-03-10T15:19:08.241038Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:08.333903Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7hqb5hA7D593CDyEoKNa9q\\", \\"timestamp\\": \\"2023-03-10T15:20:01.071426Z\\", \\"modified\\": \\"2023-03-10T15:20:01.071654Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:01.197517Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"32e8R3p2XkhYPv4w2A7i9B\\", \\"timestamp\\": \\"2023-03-10T15:21:39.374300Z\\", \\"modified\\": \\"2023-03-10T15:21:39.374388Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:39.461229Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2xyATdTQQTxQcjTFD9QTBB\\", \\"timestamp\\": \\"2023-03-10T15:23:13.630175Z\\", \\"modified\\": \\"2023-03-10T15:23:13.630233Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:23:13.713708Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1KsMNyfeTLWdS75YxMi6er\\", \\"timestamp\\": \\"2023-03-10T15:26:27.866911Z\\", \\"modified\\": \\"2023-03-10T15:26:27.866959Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:27.968656Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4znb6WaelOW4cAt7G154Tl\\", \\"timestamp\\": \\"2023-03-10T15:31:00.463337Z\\", \\"modified\\": \\"2023-03-10T15:31:00.463374Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:00.554635Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5KvaFOrl58cIZzlCZBfAw0\\", \\"timestamp\\": \\"2023-03-10T15:34:14.934508Z\\", \\"modified\\": \\"2023-03-10T15:34:14.934586Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:15.007636Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5Y9TDXJVeVSVbZyywLQDtS\\", \\"timestamp\\": \\"2023-03-10T15:40:25.839669Z\\", \\"modified\\": \\"2023-03-10T15:40:25.839720Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:25.920729Z"}],"retained":"technical","monitored":"an","reported":"sizes","mitigated":"The","outline":{"threat":"23.230.104.28","target":"improve.biz","indicators":["about.jpg","for_complex_determine.lnk","key.lnk","them_our.xls","open_development_tools.doc","key_feedback.pdf","invite_engaging.jpg","partners_more_product.doc"],"summary":"Every citizen of Canada has the right to enter, remain in and leave Canada."},"labels":{"assignments":["ADS4B","ACE1C","CCID1A"],"generic":["Super Teams"]},"votes":{"benign":["across","defence","BCIP"],"obscure":["The"],"malicious":["are","open"]},"dossier":{"key_a":"false","key_b":"role","key_c":"[\\"industry\\", \\"helps\\", \\"role\\", \\"assist\\"]"}},"assemblyline":{"antivirus":[{"type":"authority","subtype":"constantly","value":"Government","verdict":"safe"},{"type":"work","subtype":"is","value":"them","verdict":"info"},{"type":"this","subtype":"provide","value":"marketplace","verdict":"malicious"},{"type":"participating","subtype":"services","value":"their","verdict":"info"}],"attribution":[{"type":"visit","subtype":"complex","value":"country","verdict":"safe"},{"type":"engaging","subtype":"goods","value":"an","verdict":"safe"},{"type":"tools","subtype":"development","value":"edge","verdict":"info"}],"behaviour":[{"type":"To","subtype":"cyber","value":"transition","verdict":"safe"},{"type":"constantly","subtype":"Canadian","value":"the","verdict":"suspicious"},{"type":"partnerships","subtype":"do","value":"environment","verdict":"info"}],"domain":[{"type":"Program","subtype":"product","value":"learn","verdict":"environment"},{"type":"performs","subtype":"academia","value":"stays","verdict":"development"},{"type":"programs","subtype":"transition","value":"tools","verdict":"certain"},{"type":"other","subtype":"The","value":"provide","verdict":"partners"}],"heuristic":[{"type":"The","subtype":"We","value":"website","verdict":"suspicious"}],"mitre":{"tactic":[{"type":"about","subtype":"them","value":"Program","verdict":"malicious"},{"type":"order","subtype":"performs","value":"development","verdict":"info"},{"type":"assist","subtype":"Centre","value":"authority","verdict":"malicious"},{"type":"art","subtype":"is","value":"For","verdict":"suspicious"}],"technique":[{"type":"Innovation","subtype":"We","value":"cutting","verdict":"info"},{"type":"environment","subtype":"other","value":"emerging","verdict":"info"},{"type":"promote","subtype":"but","value":"this","verdict":"malicious"},{"type":"levels","subtype":"stays","value":"more","verdict":"info"}]},"uri":[{"type":"to","subtype":"development","value":"cutting","verdict":"government"},{"type":"laboratory","subtype":"all","value":"website","verdict":"testing"}],"yara":[{"type":"cutting","subtype":"art","value":"certain","verdict":"info"},{"type":"levels","subtype":"We","value":"Cyber","verdict":"safe"},{"type":"other","subtype":"certain","value":"One","verdict":"malicious"},{"type":"with","subtype":"bringing","value":"technical","verdict":"suspicious"}]},"agent":{"id":"to","name":"technologies_learn.doc","type":"the","version":"4.3.4"},"cbs":{"sharepoint":{"created":{"application":"bringing","user":"admin"},"modified":{"application":"services","user":"user"}}},"cloud":{"account":{"id":"2rg440ndSRJ1LbBiuuAokw","name":"vendors_working_in.doc"},"availability_zone":"goods","instance":{"id":"Canadian","name":"complex_enhanced_stays.lnk"},"machine":{"type":"industry"},"project":{"id":"working","name":"to_work_of.lnk"},"provider":"commercial","region":"bringing","service":{"name":"Google Drive"},"tenant_id":"4hFqleq7UrZGcnmISU3Bfx"},"container":{"id":"partners","image":{"hash":{"all":["this"]},"name":"supports.pdf","tag":["product","art"]},"labels":{"key_a":"problems"},"name":"promote_feedback_with.gif","runtime":"state"},"destination":{"address":"certain","bytes":135,"domain":"innovation.edu","geo":{"city_name":"this_art.jpg","continent_code":"development","continent_name":"promote_feedback_certain.pdf","country_iso_code":"helps","country_name":"learn_programs_government.pdf","location":{"lon":3931.88,"lat":1077.81},"name":"cyber.lnk","postal_code":"For","region_iso_code":"vendors","region_name":"authority_stays.exe","timezone":"goods"},"ip":"229.23.211.209","mac":"c2:e6:c0:ec:ab:9a","nat":{"ip":"101.15.143.171","port":3341},"packets":3727,"port":1392},"dns":{"answers":[{"class":"their","data":"defence","name":"build_partnerships_product.pdf","ttl":3239,"type":"provide"},{"class":"is","data":"selling","name":"website_sizes_do.lnk","ttl":193,"type":"constantly"},{"class":"academia","data":"new","name":"one_government.doc","ttl":3130,"type":"partnerships"}],"header_flags":["problems"],"id":"innovation","op_code":"key","question":{"class":"emerging","name":"supports_working_canadian.doc","registered_domain":"art.edu","subdomain":"services.biz","top_level_domain":"role.com","type":"industry"},"resolved_ip":["249.181.70.34","33.1.42.198","136.141.57.64"],"response_code":"For","type":"other"},"ecs":{"version":"6.1.0"},"error":{"code":"invite","message":"performs"},"event":{"action":"to","category":["network","authentication","configuration","database"],"code":"partners","created":"2023-03-09T02:27:54.415902Z","dataset":"invite","duration":2345,"end":"2023-02-07T12:12:12.415915Z","hash":"edge","id":"7k17Yxyz41rrKRQV6KE0zP","ingested":"2023-02-19T16:26:53.415922Z","kind":"pipeline_error","module":"Build","original":"partnerships","outcome":"failure","provider":"HBS","reason":"about","reference":"tools","risk_score":898.03,"risk_score_norm":2703.61,"sequence":1313,"severity":2777,"start":"2023-03-04T04:40:08.415948Z","timezone":"an","type":["error","info"],"url":"Government"},"email":{"attachments":[{"file":{"extension":"partners","hash":{"md5":"57c9c6807e65159ba6341fa1a8656989","sha1":"b86cfecc58faa17ed472066669942f1637114d30","sha256":"0cf7a58a2e728b1d1edb77ffd16a1fe5f70980fa9bbf0ed461b58cf6e74cc50e","sha384":"36e135b4f04d7554e131c99faad0343ee74772aefe7ac9a4e6a8d937ce289ef32a5c33047d8888a6a61d6d344946da3c","sha512":"b7a383ba38fbbdd101fb7910a575cf9b6829cd952750469fed0149567ccc46e83e694bbde33dec988983c155432e308aeb48b44afed7f3d443c54dfbb15d64fe","ssdeep":"45558:Up9h5EHaM3dUefqlpQXfQCylsOILLOPiv4XfcyOKIB8AjtMog8:EEa68zbQ9aCjgrVLiFPSeKJuBSjea0PQf","tlsh":"learn"},"mime_type":"Centre","name":"role_assist.xls","size":1764}},{"file":{"extension":"of","hash":{"md5":"7d465b8798b20c460008fcec99b7e891","sha1":"86b91b06cb936d84a3a0dc087b73e28f0ed5520c","sha256":"d7661215a1b3c77b82f97aad0177ca3c46b2512ad4e5191c2a111673c105e6a6","sha384":"8ef5330e57f3a00fde0e49d3fcb4558445bf292cf1a0fcd31782f6d6070ef6ea147680bf23ff45a509956fe35f205dba","sha512":"57e633e446d8f35dbd65e37d6a4ae89c167f69a3fb6b4387c5007ce11407cfaf36af60c707b8f70589aa214286300f59880023e0c2a8939bac64f6ce724adbce","ssdeep":"21554:cgDlFmJ19PdyDHaRwr6j9p7b2AH1vV9TRD3cNqtkClIbZkF1MG7VA:z5CE2fNBS74jtIP6yayZeISpHXFfdELFgJSj2jP3m0NIPbjTtbtZAsuRrpppOKL","tlsh":"about"},"mime_type":"Program","name":"their_academia_for.exe","size":2376}}],"bcc":{"address":"build@to.biz"},"cc":{"address":"to@support.biz"},"content_type":"by","delivery_timestamp":"2023-03-03T02:41:50.416301Z","direction":"selling","from":{"address":"innovations@constantly.ca"},"local_id":"2LuOFlnE53hdu5YMyMiaRj","message_id":"4qGLcr94pWsWqoqfV8tnAr","origination_timestamp":"2023-02-10T15:40:27.416352Z","reply_to":{"address":"performs@selling.com"},"sender":{"address":"provide@market.biz"},"subject":"promote","to":{"address":"one@performs.biz"},"x_mailer":"certain","parent":{"bcc":{"address":"visit@development.edu"},"cc":{"address":"defence@industry.edu"},"from":{"address":"product@of.ca"},"message_id":"27oQkzNUZ3rjjToWZc5KBv","origination_timestamp":"2023-02-22T05:54:34.416402Z","subject":"certain","to":{"address":"constantly@learn.biz"},"source":"99.32.251.87","destination":"121.139.202.77"}},"faas":{"coldstart":false,"execution":"our","id":"promote","name":"experts_website.xls","trigger":{"request_id":"41KqoqIwNCJetZpuDwX0i7","type":"pubsub"},"version":"4.3.3"},"file":{"accessed":"2023-02-10T07:17:59.416466Z","attributes":["For","them","complex","the"],"created":"2023-03-07T18:19:52.416481Z","ctime":"2023-02-13T00:52:26.416485Z","device":"edge","directory":"technologies/services/testing","drive_letter":"cyber","extension":"academia","fork_name":"academia_performs.lnk","gid":"experts","group":"ANALYSTS","inode":"innovation.edu","mime_type":"cutting","mode":"determine","mtime":"2023-02-15T18:13:30.416519Z","name":"improve.ppt","owner":"transition","path":"Canada","size":3010,"target_path":"to","type":"dir","uid":"emerging","code_signature":{"digest_algorithm":"sha384","exists":false,"signing_id":"6CVpQnStYpd0rJK09MGjdu","status":"cyber","subject_name":"we_state.jpg","team_id":"25LVODsQ69AgbbzLah71OX","timestamp":"2023-02-14T06:12:00.416591Z","trusted":true,"valid":false},"elf":{"architecture":"support","byte_order":"innovative","cpu_type":"assist","creation_date":"To","exports":["levels","more","goods","innovations"],"header":{"abi_version":"4.3.5","class":"also","data":"vendors","entrypoint":2254,"object_version":"8.1.9","os_abi":"sizes","type":"the","version":"6.5.8"},"imports":["with","Centre","support"],"sections":[{"chi2":3814,"entropy":953,"flags":"visit","name":"more_examine.doc","physical_offset":"emerging","physical_size":1952,"type":"Program","virtual_address":1879,"virtual_size":2877},{"chi2":3637,"entropy":2612,"flags":"determine","name":"performs_participating_emerging.xls","physical_offset":"bringing","physical_size":1569,"type":"sizes","virtual_address":1857,"virtual_size":2848}],"segments":[{"chi2":2777,"entropy":2880,"flags":"collaborating","name":"evaluate.gif","physical_offset":"across","physical_size":3690,"type":"promote","virtual_address":633,"virtual_size":4043}],"shared_libraries":["environment","by"],"telfhash":"goods"},"hash":{"md5":"34581f4099e3430653d3acabf4246bc9","sha1":"e3d636c6301e3fd98a3c3429002a369fdb9e6002","sha256":"9c4684b5513ea91e1fd8bf6bcd21206df2617b2114db1438c787123a945c3071","sha384":"bcc18e0d9d1a709bd3c4fc98b10250c45337773b15d791e81ee14b33774a8e0d9cbcefbe75fd1cc9b6ae09810972ea61","sha512":"5c4a335b533f901367f66c07248bf5bdd83e5428886cecb1b20a9543d7bd3ddaabff89fb75a26e22c16f6a3c1176cdd7f1d31b04abbc983389ddfe0b176c92d6","ssdeep":"91489:54jytPopxSLSgqX0M7LSrs:EGDADZj9QBXXp354s86wqZxPx7j0hIyJXC3Ni","tlsh":"performs"},"pe":{"architecture":"partners","company":"testing","description":"Canada","file_version":"development.pdf","imphash":"this","original_file_name":"by_technical.xls","pehash":"experts","product":"country"}},"group":{"domain":"to.ca","id":"their","name":"cutting.xls"},"host":{"id":"across","ip":["156.180.148.70","181.93.251.181","79.228.142.215"],"mac":["E5D5792F53D3","B7595966CAE2","A19D45009DA7","894CDAAF7DAB"],"name":"academia_country.jpg","domain":"engaging.ca","type":"government"},"http":{"request":{"body":{"bytes":485,"content":"authority"},"bytes":1783,"id":"private","method":"Cyber","mime_type":"marketplace","referrer":"government"},"response":{"body":{"bytes":2612,"content":"Innovation"},"bytes":1241,"mime_type":"across","status_code":1073},"version":"6.2.4"},"organization":{"id":"35","name":"GLPA"},"process":{"args":["across","problems"],"args_count":317,"command_line":"services","end":"2023-02-04T06:03:40.417006Z","entity_id":"33gUTiVF6DgDqdVjBbUCED","env_vars":{"key_a":"supports","key_b":"product"},"executable":"key","exit_code":280,"interactive":false,"name":"programs_partners_innovation.gif","parent":[{"args":["them","visit"],"args_count":2392,"command_line":"tools","end":"2023-02-25T20:21:10.417062Z","entity_id":"5Bh1NyyUXU4wDeIvsyPKAZ","env_vars":{"key_a":"potential","key_b":"us","key_c":"do"},"executable":"them","exit_code":2303,"interactive":true,"name":"are.jpg","pid":1540,"same_as_process":false,"start":"2023-02-05T07:33:10.417108Z","user":{"id":"transition","name":"improve_also.xls"}},{"args":["technical"],"args_count":1147,"command_line":"product","end":"2023-02-12T01:33:42.417130Z","entity_id":"2RHCQsDNtEEUroFJ2TrVQH","env_vars":{"key_a":"levels","key_b":"across"},"executable":"are","exit_code":3725,"interactive":true,"name":"of_new_cyber.xls","pid":791,"same_as_process":true,"start":"2023-03-04T05:04:41.417172Z","user":{"id":"To","name":"authority_website_but.pdf"}},{"args":["order","enhanced"],"args_count":560,"command_line":"also","end":"2023-02-06T22:03:49.417195Z","entity_id":"7ByuyUVGM2INwcFEAomfcD","env_vars":{"key_a":"authority","key_b":"programs","key_c":"work","key_d":"constantly","key_e":"technologies"},"executable":"companies","exit_code":398,"interactive":false,"name":"art_order_this.xls","pid":2011,"same_as_process":true,"start":"2023-02-27T05:51:37.417241Z","user":{"id":"the","name":"levels.exe"}},{"args":["but","open"],"args_count":2057,"command_line":"supports","end":"2023-02-19T22:07:06.417262Z","entity_id":"6Cs3xihgwUiZXGn3O9Hwdk","env_vars":{"key_a":"are","key_b":"selling","key_c":"assist","key_d":"vendors"},"executable":"our","exit_code":3020,"interactive":true,"name":"supports_technical.pdf","pid":889,"same_as_process":true,"start":"2023-02-21T23:06:53.417307Z","user":{"id":"authority","name":"website_levels_collaborating.exe"}}],"pid":2549,"same_as_process":false,"start":"2023-03-08T09:58:50.417322Z","title":"new","uptime":641,"user":{"id":"more","name":"engaging_services_commercial.pdf"},"working_directory":"problems/of"},"registry":{"data":{"bytes":"authority","strings":["testing"],"type":"examine"},"hive":"participating","key":"also","path":"development","value":"new"},"related":{"hash":["companies"],"hosts":["partners.biz"],"ip":["222.231.211.205","79.192.41.43","93.51.253.88","254.43.234.216"],"user":["user","user"],"id":"our","uri":["http://market.edu/assist/visit/vendors","https://are.com/feedback/edge","http://art.ca/potential/across/the/us/emerging"],"signature":["an"]},"server":{"ip":"209.199.62.81","address":"art","domain":"for.ca"},"source":{"address":"technical","bytes":2633,"domain":"visit.biz","geo":{"city_name":"security.lnk","continent_code":"promote","continent_name":"open_art_about.doc","country_iso_code":"Innovation","country_name":"helps_industry_companies.lnk","location":{"lon":3973.39,"lat":2421.64},"name":"all_for.lnk","postal_code":"academia","region_iso_code":"private","region_name":"canadian.lnk","timezone":"Build"},"ip":"170.230.146.130","mac":"5f:23:af:e9:5c:59","nat":{"ip":"16.186.80.12","port":3375},"packets":3468,"port":2223},"threat":{"feed":{"dashboard_id":"whGxCA89vEezBUpN4HGtc","description":"all","name":"promote_us_key.jpg","reference":"evaluate"},"framework":"MITRE ATT&CK","group":{"alias":["the","selling"],"id":"programs","name":"tools.ppt","reference":"in"},"indicator":{"confidence":"more","description":"Either English or French may be used by any person in, or in any pleading in or process issuing from, any court established by Parliament.","email":{"address":"from"},"provider":"determine","reference":"about","scanner_stats":2494,"sightings":2904,"ip":"98.69.203.54","type":"The","first_seen":"2023-03-02T05:22:24.417580Z","last_seen":"2023-03-10T06:42:34.417585Z"},"software":{"alias":["engaging","in","improve","innovation"],"id":"survey","name":"goods_performs.exe","platform":["but","technology","assist","defence"],"reference":"in","type":"Centre"},"tactic":{"id":"TA0003","name":"Persistence","reference":"promote"},"technique":{"id":"T1566.001","name":"Spearphishing Attachment","reference":"Innovation"}},"tls":{"version":"6.1.5","version_protocol":"8.1.5","client":{"server_name":"state_collaborating_product.gif","ja3":"academia"},"server":{"ja3s":"BCIP"}},"url":{"domain":"experts.edu","extension":"to","fragment":"Innovation","full":"certain","original":"key","password":"partners","path":"do","port":2155,"query":"innovations","registered_domain":"certain.edu","scheme":"role","subdomain":"them.biz","top_level_domain":"technical.biz","username":"user"},"user":{"domain":"participating.com","email":"participating@programs.biz","full_name":"cyber.exe","group":{"domain":"feedback.com","id":"by","name":"goods_more.xls"},"hash":"participating","id":"learn","name":"vendors","roles":["promote","certain","technology","Innovation"]},"user_agent":{"device":{"name":"technical_cyber.jpg"},"name":"edge_more.xls","original":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0","os":{"family":"enhanced","full":"participating","kernel":"stays","name":"them_innovation_determine.lnk","platform":"all","type":"working","version":"8.1.0"},"version":"6.5.1"},"vulnerability":{"category":["BCIP","government"],"classification":"selling","description":"government","enumeration":"selling","id":"technology","reference":"promote","report_id":"3kWdLLmA2zO3UslU0Dky3N"}},"5u5XXKcIksk27zo4Ogy1la":{"timestamp":"2023-02-20T14:50:10.816615Z","labels":{"key_a":"cutting","key_b":"security","key_c":"also","key_d":"laboratory","key_e":"innovative"},"tags":["but","testing"],"howler":{"id":"5u5XXKcIksk27zo4Ogy1la","analytic":"COLISEUM","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Exfiltration","hash":"20a3fbbfab93115c3f73da67b735a930989635fdf472873e4829ef60f3d802a0","related":["companies","across","this"],"reliability":851.8,"severity":981.19,"volume":2357.08,"confidence":328.11,"score":234.94,"status":"open","scrutiny":"surveyed","escalation":"hit","assessment":null,"comment":[{"id":"63PNoVOT8pKaD8zKchYw9k","timestamp":"2023-03-08T18:45:20.816790Z","modified":"2023-02-15T08:57:19.816795Z","value":"Maximum duration of legislative bodies.","user":"user"},{"id":"2m8LB5WG1cWtQ4p9wQbfir","timestamp":"2023-02-19T08:56:19.816823Z","modified":"2023-03-05T21:24:11.818982Z","value":"Citizens of Canada.","user":"admin"},{"id":"1ba512KKjPOICcb0mgjfwC","timestamp":"2023-02-23T02:58:20.819091Z","modified":"2023-03-07T00:53:24.819097Z","value":"Applies wherever in the province the number of children of citizens who have such a right is sufficient to warrant the provision to them out of public funds of minority language instruction.","user":"user"},{"modified":"2023-03-10T14:55:01.045423Z","id":"3WXIplWNAEKgZ1HGDIDz2g","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:01.045367Z"},{"modified":"2023-03-10T14:55:40.807755Z","id":"7HZPc2AdKOluAE1LG8O418","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:40.807718Z"},{"modified":"2023-03-10T15:11:46.382336Z","id":"3vQDcdp8twst4ByCQkWcFD","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:46.382300Z"},{"modified":"2023-03-10T15:12:32.172704Z","id":"21YOn6GOMzr5OWUQKthJ6P","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:32.172658Z"},{"modified":"2023-03-10T15:13:02.671852Z","id":"1n65IRLT9RbnzSxc7DY7zw","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:02.671799Z"},{"modified":"2023-03-10T15:13:26.435740Z","id":"2MQ5JW1fZikTPXMkgMcv1Z","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:26.435682Z"},{"modified":"2023-03-10T15:14:21.837581Z","id":"tQ6pVYYMKgb4P3TDUBLq1","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:21.837541Z"},{"modified":"2023-03-10T15:14:48.469749Z","id":"2k2d7MVwbWnfydKTQG4yVk","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:48.469714Z"},{"modified":"2023-03-10T15:19:08.640689Z","id":"15X03ckd3oidp8G9uLItN9","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:08.640625Z"},{"modified":"2023-03-10T15:20:01.487510Z","id":"6UfHO9JOlt62l1MusL8hAz","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:01.487458Z"},{"modified":"2023-03-10T15:21:39.726594Z","id":"MoOjYhJus66H5LTzHhPuv","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:39.726531Z"},{"modified":"2023-03-10T15:23:13.962280Z","id":"6TNAF8xpKRNZKG9QLkFR1Q","value":"test","user":"shawnh","timestamp":"2023-03-10T15:23:13.962222Z"},{"modified":"2023-03-10T15:26:28.240381Z","id":"2scyqyd8CwI8fbLXdanX9J","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:28.240327Z"},{"modified":"2023-03-10T15:31:00.791763Z","id":"6xbdvosntD5szNymC6dXSK","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:00.791724Z"},{"modified":"2023-03-10T15:34:15.283734Z","id":"7Pxf319ahgQ7vibZylSblD","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:15.283692Z"},{"modified":"2023-03-10T15:40:26.148363Z","id":"5WG7QAJSyRxgMfMnwHYTKk","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:26.148301Z"}],"log":[{"timestamp":"2023-02-27T16:48:45.819108Z","key":"new","explanation":"Guarantee of Rights and Freedoms.","new_value":"Centre","type":"set","previous_value":"participating","user":"user"},{"timestamp":"2023-02-25T06:44:21.819130Z","key":"all","explanation":"Fundamental freedoms.","new_value":"with","type":"set","previous_value":"Program","user":"admin"},{"timestamp":"2023-03-01T12:21:40.819147Z","key":"improve","explanation":"16.1 The English linguistic community and the French linguistic community in New Brunswick have equality of status and equal rights and privileges, including the right to distinct educational institutions and such distinct cultural institutions as are necessary for the preservation and promotion of those communities.","new_value":"in","type":"appended","previous_value":"complex","user":"user"},{"timestamp":"2023-02-10T19:33:25.819164Z","key":"government","explanation":"Democratic Rights.","new_value":"all","type":"set","previous_value":"For","user":"user"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3WXIplWNAEKgZ1HGDIDz2g\\", \\"timestamp\\": \\"2023-03-10T14:55:01.045367Z\\", \\"modified\\": \\"2023-03-10T14:55:01.045423Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:01.140346Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7HZPc2AdKOluAE1LG8O418\\", \\"timestamp\\": \\"2023-03-10T14:55:40.807718Z\\", \\"modified\\": \\"2023-03-10T14:55:40.807755Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:40.875156Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3vQDcdp8twst4ByCQkWcFD\\", \\"timestamp\\": \\"2023-03-10T15:11:46.382300Z\\", \\"modified\\": \\"2023-03-10T15:11:46.382336Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:46.455999Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"21YOn6GOMzr5OWUQKthJ6P\\", \\"timestamp\\": \\"2023-03-10T15:12:32.172658Z\\", \\"modified\\": \\"2023-03-10T15:12:32.172704Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:32.271129Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1n65IRLT9RbnzSxc7DY7zw\\", \\"timestamp\\": \\"2023-03-10T15:13:02.671799Z\\", \\"modified\\": \\"2023-03-10T15:13:02.671852Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:02.755075Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2MQ5JW1fZikTPXMkgMcv1Z\\", \\"timestamp\\": \\"2023-03-10T15:13:26.435682Z\\", \\"modified\\": \\"2023-03-10T15:13:26.435740Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:26.508454Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"tQ6pVYYMKgb4P3TDUBLq1\\", \\"timestamp\\": \\"2023-03-10T15:14:21.837541Z\\", \\"modified\\": \\"2023-03-10T15:14:21.837581Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:21.911030Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2k2d7MVwbWnfydKTQG4yVk\\", \\"timestamp\\": \\"2023-03-10T15:14:48.469714Z\\", \\"modified\\": \\"2023-03-10T15:14:48.469749Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:48.539924Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"15X03ckd3oidp8G9uLItN9\\", \\"timestamp\\": \\"2023-03-10T15:19:08.640625Z\\", \\"modified\\": \\"2023-03-10T15:19:08.640689Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:08.725833Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6UfHO9JOlt62l1MusL8hAz\\", \\"timestamp\\": \\"2023-03-10T15:20:01.487458Z\\", \\"modified\\": \\"2023-03-10T15:20:01.487510Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:01.627550Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"MoOjYhJus66H5LTzHhPuv\\", \\"timestamp\\": \\"2023-03-10T15:21:39.726531Z\\", \\"modified\\": \\"2023-03-10T15:21:39.726594Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:39.824553Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6TNAF8xpKRNZKG9QLkFR1Q\\", \\"timestamp\\": \\"2023-03-10T15:23:13.962222Z\\", \\"modified\\": \\"2023-03-10T15:23:13.962280Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:23:14.056032Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2scyqyd8CwI8fbLXdanX9J\\", \\"timestamp\\": \\"2023-03-10T15:26:28.240327Z\\", \\"modified\\": \\"2023-03-10T15:26:28.240381Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:28.414900Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6xbdvosntD5szNymC6dXSK\\", \\"timestamp\\": \\"2023-03-10T15:31:00.791724Z\\", \\"modified\\": \\"2023-03-10T15:31:00.791763Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:00.858151Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7Pxf319ahgQ7vibZylSblD\\", \\"timestamp\\": \\"2023-03-10T15:34:15.283692Z\\", \\"modified\\": \\"2023-03-10T15:34:15.283734Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:15.361419Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5WG7QAJSyRxgMfMnwHYTKk\\", \\"timestamp\\": \\"2023-03-10T15:40:26.148301Z\\", \\"modified\\": \\"2023-03-10T15:40:26.148363Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:26.232597Z"}],"retained":"but","monitored":"our","reported":"programs","mitigated":"an","outline":{"threat":"164.53.79.183","target":"4030255b48b2e9c78676d5569e15148e.gc.ca","indicators":["are_survey.xls","product_do.xls","bcip_vendors_selling.lnk","new_state_levels.doc","working.jpg","marketplace_about_product.xls","bringing.lnk","provide_constantly.ppt","our_tools.pdf","role_experts_certain.pdf","them_industry_support.ppt","companies_art_invite.pdf","for_more.jpg","them.ppt","do_improve_goods.lnk","also_provide_them.lnk"],"summary":"If found guilty of the offence and if the punishment for the offence has been varied between the time of commission and the time of sentencing, to the benefit of the lesser punishment."},"labels":{"assignments":["APA1B","ADS2A"],"generic":["Danger","Drive","Documentation"]},"votes":{"benign":["order","are"],"obscure":["order","to"],"malicious":["to"]},"dossier":{"key_a":"56"}},"assemblyline":{"antivirus":[{"type":"collaborating","subtype":"is","value":"marketplace","verdict":"suspicious"},{"type":"is","subtype":"across","value":"For","verdict":"malicious"},{"type":"assist","subtype":"innovations","value":"country","verdict":"info"},{"type":"working","subtype":"cyber","value":"The","verdict":"suspicious"}],"attribution":[{"type":"cutting","subtype":"participating","value":"all","verdict":"safe"},{"type":"services","subtype":"vendors","value":"helps","verdict":"malicious"},{"type":"evaluate","subtype":"edge","value":"is","verdict":"info"}],"behaviour":[{"type":"working","subtype":"the","value":"complex","verdict":"info"},{"type":"government","subtype":"learn","value":"edge","verdict":"malicious"},{"type":"to","subtype":"are","value":"selling","verdict":"suspicious"}],"domain":[{"type":"new","subtype":"levels","value":"Build","verdict":"participating"},{"type":"support","subtype":"selling","value":"transition","verdict":"across"}],"heuristic":[{"type":"laboratory","subtype":"commercial","value":"market","verdict":"suspicious"},{"type":"art","subtype":"our","value":"academia","verdict":"malicious"}],"mitre":{"tactic":[{"type":"cutting","subtype":"cutting","value":"technologies","verdict":"suspicious"},{"type":"Centre","subtype":"the","value":"edge","verdict":"malicious"},{"type":"survey","subtype":"key","value":"One","verdict":"info"},{"type":"about","subtype":"state","value":"potential","verdict":"safe"}],"technique":[{"type":"government","subtype":"private","value":"Government","verdict":"malicious"},{"type":"country","subtype":"them","value":"with","verdict":"suspicious"},{"type":"private","subtype":"BCIP","value":"authority","verdict":"suspicious"},{"type":"constantly","subtype":"art","value":"our","verdict":"safe"}]},"uri":[{"type":"to","subtype":"state","value":"bringing","verdict":"are"},{"type":"constantly","subtype":"environment","value":"product","verdict":"Centre"}],"yara":[{"type":"Government","subtype":"One","value":"in","verdict":"malicious"}]},"agent":{"id":"innovative","name":"collaborating_cyber.jpg","type":"examine","version":"6.4.6"},"cbs":{"sharepoint":{"created":{"application":"authority","user":"admin"},"modified":{"application":"stays","user":"user"}}},"cloud":{"account":{"id":"5yAtWtituehdcBy47PU0Ts","name":"their_industry.doc"},"availability_zone":"engaging","instance":{"id":"visit","name":"constantly_constantly.gif"},"machine":{"type":"about"},"project":{"id":"helps","name":"services_security.exe"},"provider":"programs","region":"levels","service":{"name":"Amazon AWS"},"tenant_id":"4CLtMuYFeilUaHhgwTM4sv"},"container":{"id":"stays","image":{"hash":{"all":["programs","laboratory","all"]},"name":"open_collaborating.pdf","tag":["environment","product","cyber"]},"labels":{"key_a":"transition","key_b":"companies","key_c":"them"},"name":"state_authority.lnk","runtime":"open"},"destination":{"address":"problems","bytes":3768,"domain":"commercial.edu","geo":{"city_name":"participating.ppt","continent_code":"innovations","continent_name":"canada_emerging.pdf","country_iso_code":"security","country_name":"technical.jpg","location":{"lon":975.11,"lat":1753.33},"name":"determine.ppt","postal_code":"helps","region_iso_code":"participating","region_name":"engaging_survey_tools.gif","timezone":"partnerships"},"ip":"238.49.149.7","mac":"80:af:12:07:b3:aa","nat":{"ip":"209.233.64.216","port":1956},"packets":2745,"port":2031},"dns":{"answers":[{"class":"engaging","data":"Government","name":"environment_for.xls","ttl":2355,"type":"order"}],"header_flags":["sizes","sizes","invite","tools"],"id":"problems","op_code":"role","question":{"class":"problems","name":"transition_survey.exe","registered_domain":"innovation.biz","subdomain":"visit.biz","top_level_domain":"tools.ca","type":"Innovation"},"resolved_ip":["149.228.67.194","73.42.20.124","120.71.111.244"],"response_code":"key","type":"development"},"ecs":{"version":"7.0.8"},"error":{"code":"selling","message":"For"},"event":{"action":"constantly","category":["package"],"code":"laboratory","created":"2023-03-08T13:41:43.819908Z","dataset":"in","duration":2301,"end":"2023-02-09T18:34:21.819919Z","hash":"the","id":"5u5XXKcIksk27zo4Ogy1la","ingested":"2023-02-13T09:02:31.819927Z","kind":"state","module":"website","original":"our","outcome":"failure","provider":"CBS","reason":"state","reference":"commercial","risk_score":2404.49,"risk_score_norm":1401.2,"sequence":1187,"severity":1038,"start":"2023-03-01T07:19:31.819954Z","timezone":"across","type":["allowed","change","group","start"],"url":"do"},"email":{"attachments":[{"file":{"extension":"art","hash":{"md5":"452ad4fd73019128bfc7cf9455422d3a","sha1":"9944fb09c12744d5045c454dfb83d1b95900e021","sha256":"7e89083be446b5a5897da3270217de24ccffd8e4fd7364f5804058e0383d351d","sha384":"1c8cf8321e432ad3289279ab7d4f21ab47ffd2d2951188232d9e1ce707b250b482070e4f9f4df225128cb1a563abfe59","sha512":"e2276e47224d18d456ee345990081658dfbb55149df5e86e0d30388c9a2137a9423adc0bc764b3b8a01e1e35b9d10ffdb62ec0a8a8f405be7194d8e8a46df82d","ssdeep":"53606:FnFPs4ebxiN40HzcZ93j1quXYnLIVckE6ccjeMZmAtQanx14Da:VseOFqpGZ6LT0ffHKPTt1sFdtm9ViIXM2dwiLRjz4G7M8M7","tlsh":"selling"},"mime_type":"an","name":"other.gif","size":2557}},{"file":{"extension":"edge","hash":{"md5":"befafa69e72153a82ed9fb8ab3a5bc86","sha1":"fae5e1fd112a920edffe7f90a17fe95db5d81286","sha256":"4c64a0967b2a050d4f677d1d0f385a143fb492d2834807491a83ee6411c5194c","sha384":"a2b778e67907c48ec924021dbaceaa4ada212e23a3e90567729ac247979deb8b11351ecf2736aed2d701ebe7b9fb6bca","sha512":"7c8dc16bb98ad4603c660b8c4e8b3a3cad9c005d8095ec6eb2f6a41b988ee8dfb6e70e01610f61244350c92945324a9540b04e876e549db77658ae54f02c57d5","ssdeep":"42991:f2OhfBbUA5AKKiUmbkHf5EekcAN7gDK7SS0MZyhlqpAXIS:PSFS8bzq9dffwHwofoQLfMEP9E16Z2","tlsh":"state"},"mime_type":"helps","name":"examine_the.doc","size":4061}},{"file":{"extension":"also","hash":{"md5":"9ad0f2dfbe260f0670a42779baf64d1e","sha1":"8831c7e73b0ecb0d1aa9d17303f8e1bd28b5b587","sha256":"e101a490f3b15c6cd8b92f101d2455b3d7ab0d683f261737eec741a2f9ae1335","sha384":"e720a9b1a5ffd61d2e03151263d42eb9bf9e7acf9d12ed703e28035146089ad50efffa3b355f37320e16fb54941d749a","sha512":"59fd196b909a9671c072bbc854f534ed35ed80c09eae08d03fb699f7b733d117e1a61637543b7e39187d6d2c202784217369468b83f207f57af92bdd1c715623","ssdeep":"96616:vFNw75QGJS5nJmVR9EuZmkV:RJQhMw6YxIa8LVdfzoGwNo4TSLfbdPjygs5c9efiafR68Ek","tlsh":"partnerships"},"mime_type":"enhanced","name":"one_stays_this.xls","size":1291}},{"file":{"extension":"collaborating","hash":{"md5":"240bd2e85ebdca5c2ddbac7fe7d0a677","sha1":"846a76ff53aa6a350dededda2ada5ee5a923ed01","sha256":"0cc105c5a503b87c376fbd9a977defd8b964ceddcacfd244e2b7032979140f3f","sha384":"5edb5e45cce26d7ffd0418707166101fbdbf1b0cb84a2460e96caffe30967c9486aa7a166379820a4d3a01f82cf9f0b9","sha512":"5f3293d240224b9c5418cf25f235e5c72fee18b9e62e84068c552d0488c06ea52d2ae0961ab7a2da0084db85e1d74a71af7f24ab088ad6631a4b6cac34ad2a42","ssdeep":"42229:LZvQXtg8cGMyzB83KGPohpD:B6t5CVTmjaQajGyBf2qIwtzAr2YoEvfA3BHddJzm0Q5mGy","tlsh":"programs"},"mime_type":"cyber","name":"other_work_country.exe","size":3370}}],"bcc":{"address":"industry@technology.biz"},"cc":{"address":"survey@environment.ca"},"content_type":"Canada","delivery_timestamp":"2023-02-23T14:13:19.820698Z","direction":"performs","from":{"address":"art@stays.biz"},"local_id":"4yJ3IIr0Up3bmGbnzJl7NK","message_id":"7XsPXIPZ3TtiOZeqLnzoev","origination_timestamp":"2023-02-27T04:08:14.820754Z","reply_to":{"address":"helps@supports.biz"},"sender":{"address":"sizes@evaluate.edu"},"subject":"market","to":{"address":"state@canada.ca"},"x_mailer":"an","parent":{"bcc":{"address":"partners@vendors.edu"},"cc":{"address":"country@improve.biz"},"from":{"address":"cutting@new.ca"},"message_id":"3UadipFDrdFEDeszchIDkr","origination_timestamp":"2023-02-12T07:59:27.820806Z","subject":"determine","to":{"address":"all@across.biz"},"source":"95.56.252.202","destination":"1.46.87.34"}},"faas":{"coldstart":false,"execution":"about","id":"partners","name":"for.xls","trigger":{"request_id":"2IYL4hifhQDImhBGtBH7dZ","type":"http"},"version":"4.1.7"},"file":{"accessed":"2023-03-06T09:13:04.820872Z","attributes":["learn","sizes"],"created":"2023-02-26T09:57:35.820884Z","ctime":"2023-02-18T05:11:45.820888Z","device":"companies","directory":"government/performs/more/edge/security","drive_letter":"To","extension":"supports","fork_name":"the_this_academia.jpg","gid":"in","group":"ANALYSTS","inode":"cyber.com","mime_type":"across","mode":"bringing","mtime":"2023-02-10T23:33:12.820925Z","name":"certain_collaborating.exe","owner":"authority","path":"on","size":3525,"target_path":"determine","type":"symlink","uid":"participating","code_signature":{"digest_algorithm":"sha384","exists":true,"signing_id":"1EczaNFHnkx9VmHBpDAWSu","status":"order","subject_name":"art.xls","team_id":"3WD5Nh6TOgMkKkYAnE4wKb","timestamp":"2023-02-13T22:07:01.820999Z","trusted":false,"valid":true},"elf":{"architecture":"helps","byte_order":"Cyber","cpu_type":"participating","creation_date":"website","exports":["services","of","state"],"header":{"abi_version":"8.3.6","class":"marketplace","data":"defence","entrypoint":1274,"object_version":"6.5.1","os_abi":"programs","type":"product","version":"8.3.3"},"imports":["services"],"sections":[{"chi2":1890,"entropy":3023,"flags":"defence","name":"examine_working.exe","physical_offset":"survey","physical_size":3341,"type":"Centre","virtual_address":3822,"virtual_size":1464},{"chi2":2010,"entropy":1685,"flags":"defence","name":"testing_tools.pdf","physical_offset":"potential","physical_size":2053,"type":"enhanced","virtual_address":404,"virtual_size":997},{"chi2":2857,"entropy":2066,"flags":"art","name":"learn_visit.pdf","physical_offset":"To","physical_size":3437,"type":"testing","virtual_address":3259,"virtual_size":3591},{"chi2":2735,"entropy":320,"flags":"collaborating","name":"order.gif","physical_offset":"market","physical_size":2130,"type":"emerging","virtual_address":418,"virtual_size":1102}],"segments":[{"chi2":3872,"entropy":436,"flags":"Cyber","name":"companies.pdf","physical_offset":"One","physical_size":1881,"type":"cyber","virtual_address":2399,"virtual_size":2633},{"chi2":2314,"entropy":3801,"flags":"edge","name":"security.doc","physical_offset":"in","physical_size":1844,"type":"defence","virtual_address":1031,"virtual_size":3271},{"chi2":133,"entropy":768,"flags":"marketplace","name":"working_canada_an.jpg","physical_offset":"supports","physical_size":4039,"type":"partners","virtual_address":1573,"virtual_size":316},{"chi2":4058,"entropy":970,"flags":"are","name":"authority.lnk","physical_offset":"technical","physical_size":3857,"type":"industry","virtual_address":3513,"virtual_size":3630}],"shared_libraries":["their","One","Cyber"],"telfhash":"Innovation"},"hash":{"md5":"2863df6602be9ec42a67e930f8ab6f51","sha1":"45dffebe095d3d5e85f0da5cc4651b268e968098","sha256":"7402058129b2efe62c05c143bcfaf081e38110052c0b251c87202c3bd1ad64de","sha384":"c0e994604eade95811e28f2cc1ea2b00fd5dd67bc6d61d161ce4fd21b424511433887ccec4faf71ced177b3482d84cb7","sha512":"674e4d0fd2ca56b906901644df686709bb1dbead7427338520c02d0f8c2cecb44277644092a5b052eda9bd13fcf75e7a932af25cb7dec278234f08ef4a6bf508","ssdeep":"22134:1HZVKI5GPM4MoL1j1Pud2V5AMjJ4kGcHzYUaxHkADjzyKKaRu9:zcmvu5HIPBfR4256scPi2AOswdI3gxknkuyfe1","tlsh":"potential"},"pe":{"architecture":"We","company":"role","description":"helps","file_version":"vendors_potential_program.doc","imphash":"on","original_file_name":"development_technical.lnk","pehash":"provide","product":"experts"}},"group":{"domain":"emerging.edu","id":"assist","name":"innovation_vendors.exe"},"host":{"id":"about","ip":["56.82.107.87","131.103.247.142"],"mac":["493CACD648E8","A84D6D92615E","FA75E54B9476","07D98DAFDBB0"],"name":"innovation_determine_art.pdf","domain":"more.ca","type":"constantly"},"http":{"request":{"body":{"bytes":1942,"content":"key"},"bytes":2754,"id":"We","method":"order","mime_type":"To","referrer":"marketplace"},"response":{"body":{"bytes":1792,"content":"Centre"},"bytes":2990,"mime_type":"levels","status_code":1920},"version":"4.2.2"},"organization":{"id":"130","name":"CRC"},"process":{"args":["order","feedback","constantly","vendors"],"args_count":3064,"command_line":"more","end":"2023-03-04T03:37:06.821524Z","entity_id":"4j0Bmah3ogNe3l57fH0PQt","env_vars":{"key_a":"partnerships"},"executable":"complex","exit_code":715,"interactive":false,"name":"government_helps.ppt","parent":[{"args":["vendors","open","feedback"],"args_count":3359,"command_line":"cyber","end":"2023-02-25T00:30:05.821582Z","entity_id":"4tEoMqupO62JLNkdJGXl2v","env_vars":{"key_a":"defence","key_b":"stays","key_c":"programs","key_d":"laboratory"},"executable":"website","exit_code":637,"interactive":true,"name":"by_canada.lnk","pid":1299,"same_as_process":true,"start":"2023-03-08T17:36:18.821630Z","user":{"id":"services","name":"them_promote_by.ppt"}},{"args":["feedback","authority"],"args_count":4051,"command_line":"open","end":"2023-02-09T23:36:59.821655Z","entity_id":"6tfhYtC1mTSeM48g6AFt0t","env_vars":{"key_a":"government","key_b":"commercial","key_c":"government","key_d":"is"},"executable":"security","exit_code":845,"interactive":false,"name":"are_marketplace.xls","pid":1284,"same_as_process":false,"start":"2023-02-26T13:11:48.821701Z","user":{"id":"feedback","name":"are_development.ppt"}}],"pid":3013,"same_as_process":false,"start":"2023-02-13T13:27:15.821718Z","title":"cutting","uptime":3649,"user":{"id":"determine","name":"one.ppt"},"working_directory":"innovation/other/experts"},"registry":{"data":{"bytes":"Innovation","strings":["more","tools","helps"],"type":"website"},"hive":"government","key":"also","path":"We","value":"security"},"related":{"hash":["cyber"],"hosts":["private.edu"],"ip":["63.153.223.23","80.80.69.160"],"user":["admin","user"],"id":"other","uri":["https://supports.ca/transition/Build/academia/market","https://with.ca/Program/development/of/technology/tools","https://certain.biz/are/provide/For","https://potential.edu/technical/open/cyber/examine/working"],"signature":["goods"]},"server":{"ip":"199.2.187.249","address":"testing","domain":"innovations.com"},"source":{"address":"stays","bytes":443,"domain":"environment.ca","geo":{"city_name":"website.pdf","continent_code":"authority","continent_name":"feedback_the_one.jpg","country_iso_code":"is","country_name":"experts.doc","location":{"lon":781.45,"lat":898.24},"name":"but_development.jpg","postal_code":"private","region_iso_code":"government","region_name":"supports_role.gif","timezone":"state"},"ip":"213.69.119.172","mac":"55:0b:4c:31:ec:33","nat":{"ip":"107.96.221.51","port":3641},"packets":630,"port":3770},"threat":{"feed":{"dashboard_id":"55zkhZYSIulJDB8oSyqTAf","description":"more","name":"survey.doc","reference":"us"},"framework":"Custom","group":{"alias":["technical","learn","helps"],"id":"in","name":"the_by.ppt","reference":"more"},"indicator":{"confidence":"government","description":"Any member of the public in New Brunswick has the right to communicate with, and to receive available services from, any office of an institution of the legislature or government of New Brunswick in English or French.","email":{"address":"other"},"provider":"constantly","reference":"survey","scanner_stats":3614,"sightings":3704,"ip":"132.42.120.33","type":"problems","first_seen":"2023-02-14T03:41:06.821981Z","last_seen":"2023-02-21T00:51:52.821986Z"},"software":{"alias":["our","constantly"],"id":"marketplace","name":"invite_determine.jpg","platform":["website","them","Program"],"reference":"feedback","type":"open"},"tactic":{"id":"TA0010","name":"Exfiltration","reference":"order"},"technique":{"id":"T1087.001","name":"Local Account","reference":"provide"}},"tls":{"version":"6.2.6","version_protocol":"4.3.2","client":{"server_name":"academia.ppt","ja3":"also"},"server":{"ja3s":"levels"}},"url":{"domain":"technologies.com","extension":"also","fragment":"performs","full":"transition","original":"of","password":"them","path":"Canadian","port":134,"query":"selling","registered_domain":"is.com","scheme":"the","subdomain":"government.edu","top_level_domain":"cyber.biz","username":"admin"},"user":{"domain":"selling.edu","email":"us@problems.biz","full_name":"from.jpg","group":{"domain":"in.biz","id":"in","name":"in_our.exe"},"hash":"To","id":"support","name":"environment","roles":["commercial","programs","goods","bringing"]},"user_agent":{"device":{"name":"open_them.gif"},"name":"market_survey.pdf","original":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.46","os":{"family":"Canadian","full":"survey","kernel":"industry","name":"with.pdf","platform":"emerging","type":"evaluate","version":"5.4.2"},"version":"6.2.2"},"vulnerability":{"category":["invite","cyber","environment","market"],"classification":"performs","description":"testing","enumeration":"with","id":"order","reference":"evaluate","report_id":"1ckiSnsfpd8v2jax487uN6"}},"6guA8xi5CgzhqjDXyvFNb1":{"timestamp":"2023-02-13T16:28:20.610433Z","labels":{"key_a":"work","key_b":"the","key_c":"are"},"tags":["also","state","levels","support"],"howler":{"id":"6guA8xi5CgzhqjDXyvFNb1","analytic":"AssemblyLine","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Discovery","hash":"b0378ad206e650d1efb800a9455a86d11765899ddd7287f632b9273711f74973","related":["invite"],"reliability":1248.38,"severity":1516.32,"volume":2553.89,"confidence":1076.78,"score":3493.12,"status":"open","scrutiny":"inspected","escalation":"hit","assessment":null,"comment":[{"id":"4QOYZRde8EQzdZwL5C5mVX","timestamp":"2023-02-04T12:39:50.610617Z","modified":"2023-03-01T11:44:18.610625Z","value":"Nothing in this Charter extends the legislative powers of any body or authority.","user":"user"},{"id":"NnCfMOySsV3riCHksri4Y","timestamp":"2023-02-26T13:56:40.610655Z","modified":"2023-02-15T03:34:19.610659Z","value":"English and French linguistic communities in New Brunswick.","user":"user"},{"id":"2lgl5s810DouFeCXGBltVw","timestamp":"2023-03-04T16:52:29.610684Z","modified":"2023-02-15T13:47:02.610687Z","value":"Nothing in this Charter limits the authority of Parliament or a legislature to advance the equality of status or use of English and French.","user":"user"},{"id":"sagZ9OvJigxzMd0N5halz","timestamp":"2023-03-01T13:52:59.610710Z","modified":"2023-03-05T13:03:12.610713Z","value":"Includes, where the number of those children so warrants, the right to have them receive that instruction in minority language educational facilities provided out of public funds.","user":"user"},{"modified":"2023-03-10T14:55:01.387083Z","id":"tZHklKzghnNPhRnqAiqqN","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:01.387035Z"},{"modified":"2023-03-10T14:55:41.105390Z","id":"7NodAt3hv6d8X20XWINlNg","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:41.105345Z"},{"modified":"2023-03-10T15:11:46.691207Z","id":"1RSMmnw0pMF66rz5Bg1em","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:46.691158Z"},{"modified":"2023-03-10T15:12:32.509683Z","id":"7UbTCfbVXNPVM5LgcoCT2G","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:32.509648Z"},{"modified":"2023-03-10T15:13:02.981671Z","id":"7iaH4kG48QXscs0Qx9R3Ux","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:02.981635Z"},{"modified":"2023-03-10T15:13:26.735221Z","id":"1Ex2Y9ajodm72jqwXboDps","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:26.735185Z"},{"modified":"2023-03-10T15:14:22.130708Z","id":"5i2CfylCj4iz5w13ccfvSt","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:22.130675Z"},{"modified":"2023-03-10T15:14:48.765109Z","id":"6azFBZ0FrGZguypnHGoXCl","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:48.765061Z"},{"modified":"2023-03-10T15:19:09.046665Z","id":"2VDt1ly9vmn8c9QnK5cwIs","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:09.046579Z"},{"modified":"2023-03-10T15:20:01.908916Z","id":"2qlLRtdbWv9x6RWIevBwy9","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:01.908758Z"},{"modified":"2023-03-10T15:21:40.085555Z","id":"19jigvLqZh4zfvCc2cmjDw","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:40.085493Z"},{"modified":"2023-03-10T15:23:14.312337Z","id":"4jdwccv6Wq3m9LsoTW3KQv","value":"test","user":"shawnh","timestamp":"2023-03-10T15:23:14.312265Z"},{"modified":"2023-03-10T15:26:28.693454Z","id":"3cl4VdO5YVgWtOodNxKGMr","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:28.693319Z"},{"modified":"2023-03-10T15:31:01.073833Z","id":"ryhtMb8kuyKq0qHGFbbdZ","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:01.073798Z"},{"modified":"2023-03-10T15:34:15.593991Z","id":"7FJgTwEkVtR75QZSbs8pJi","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:15.593950Z"},{"modified":"2023-03-10T15:40:26.448761Z","id":"7W55a2f1d6eaPiD51A9DQO","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:26.448724Z"}],"log":[{"timestamp":"2023-03-10T08:30:18.610723Z","key":"collaborating","explanation":"Continuation of existing constitutional provisions.","new_value":"website","type":"appended","previous_value":"assist","user":"admin"},{"timestamp":"2023-02-04T05:31:12.610744Z","key":"art","explanation":"Any person charged with an offence has the right.","new_value":"Cyber","type":"removed","previous_value":"country","user":"user"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"tZHklKzghnNPhRnqAiqqN\\", \\"timestamp\\": \\"2023-03-10T14:55:01.387035Z\\", \\"modified\\": \\"2023-03-10T14:55:01.387083Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:01.464565Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7NodAt3hv6d8X20XWINlNg\\", \\"timestamp\\": \\"2023-03-10T14:55:41.105345Z\\", \\"modified\\": \\"2023-03-10T14:55:41.105390Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:41.179464Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1RSMmnw0pMF66rz5Bg1em\\", \\"timestamp\\": \\"2023-03-10T15:11:46.691158Z\\", \\"modified\\": \\"2023-03-10T15:11:46.691207Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:46.776759Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7UbTCfbVXNPVM5LgcoCT2G\\", \\"timestamp\\": \\"2023-03-10T15:12:32.509648Z\\", \\"modified\\": \\"2023-03-10T15:12:32.509683Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:32.580289Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7iaH4kG48QXscs0Qx9R3Ux\\", \\"timestamp\\": \\"2023-03-10T15:13:02.981635Z\\", \\"modified\\": \\"2023-03-10T15:13:02.981671Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:03.062852Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1Ex2Y9ajodm72jqwXboDps\\", \\"timestamp\\": \\"2023-03-10T15:13:26.735185Z\\", \\"modified\\": \\"2023-03-10T15:13:26.735221Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:26.811918Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5i2CfylCj4iz5w13ccfvSt\\", \\"timestamp\\": \\"2023-03-10T15:14:22.130675Z\\", \\"modified\\": \\"2023-03-10T15:14:22.130708Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:22.199358Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6azFBZ0FrGZguypnHGoXCl\\", \\"timestamp\\": \\"2023-03-10T15:14:48.765061Z\\", \\"modified\\": \\"2023-03-10T15:14:48.765109Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:48.860066Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2VDt1ly9vmn8c9QnK5cwIs\\", \\"timestamp\\": \\"2023-03-10T15:19:09.046579Z\\", \\"modified\\": \\"2023-03-10T15:19:09.046665Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:09.165508Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2qlLRtdbWv9x6RWIevBwy9\\", \\"timestamp\\": \\"2023-03-10T15:20:01.908758Z\\", \\"modified\\": \\"2023-03-10T15:20:01.908916Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:02.003457Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"19jigvLqZh4zfvCc2cmjDw\\", \\"timestamp\\": \\"2023-03-10T15:21:40.085493Z\\", \\"modified\\": \\"2023-03-10T15:21:40.085555Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:40.220931Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4jdwccv6Wq3m9LsoTW3KQv\\", \\"timestamp\\": \\"2023-03-10T15:23:14.312265Z\\", \\"modified\\": \\"2023-03-10T15:23:14.312337Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:23:14.394044Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3cl4VdO5YVgWtOodNxKGMr\\", \\"timestamp\\": \\"2023-03-10T15:26:28.693319Z\\", \\"modified\\": \\"2023-03-10T15:26:28.693454Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:28.810145Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"ryhtMb8kuyKq0qHGFbbdZ\\", \\"timestamp\\": \\"2023-03-10T15:31:01.073798Z\\", \\"modified\\": \\"2023-03-10T15:31:01.073833Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:01.145880Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7FJgTwEkVtR75QZSbs8pJi\\", \\"timestamp\\": \\"2023-03-10T15:34:15.593950Z\\", \\"modified\\": \\"2023-03-10T15:34:15.593991Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:15.666662Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7W55a2f1d6eaPiD51A9DQO\\", \\"timestamp\\": \\"2023-03-10T15:40:26.448724Z\\", \\"modified\\": \\"2023-03-10T15:40:26.448761Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:26.521356Z"}],"retained":"performs","monitored":"industry","reported":"assist","mitigated":"BCIP","outline":{"threat":"63.110.10.200","target":"by.ca","indicators":["enhanced_evaluate_but.pdf","defence_from.xls","build_product.exe","one_is_our.ppt"],"summary":"Everyone has the right on arrest or detention."},"labels":{"assignments":["APA1B"],"generic":["Drive","Super Teams","Outlook"]},"votes":{"benign":["partners","working","The","Canadian"],"obscure":["art","collaborating"],"malicious":["enhanced","problems","selling"]},"dossier":{"key_a":"defence","key_b":"true","key_c":"67","key_d":"website"}},"assemblyline":{"antivirus":[{"type":"marketplace","subtype":"examine","value":"country","verdict":"info"},{"type":"We","subtype":"working","value":"the","verdict":"suspicious"},{"type":"innovative","subtype":"We","value":"across","verdict":"info"}],"attribution":[{"type":"us","subtype":"market","value":"improve","verdict":"malicious"}],"behaviour":[{"type":"across","subtype":"all","value":"support","verdict":"malicious"},{"type":"assist","subtype":"constantly","value":"cutting","verdict":"suspicious"},{"type":"evaluate","subtype":"environment","value":"partnerships","verdict":"safe"}],"domain":[{"type":"in","subtype":"technologies","value":"state","verdict":"more"},{"type":"innovative","subtype":"stays","value":"industry","verdict":"role"}],"heuristic":[{"type":"companies","subtype":"from","value":"role","verdict":"safe"}],"mitre":{"tactic":[{"type":"also","subtype":"government","value":"order","verdict":"info"},{"type":"evaluate","subtype":"their","value":"survey","verdict":"malicious"},{"type":"bringing","subtype":"of","value":"state","verdict":"malicious"},{"type":"innovations","subtype":"innovation","value":"companies","verdict":"safe"}],"technique":[{"type":"innovative","subtype":"website","value":"testing","verdict":"safe"},{"type":"an","subtype":"improve","value":"Canada","verdict":"safe"},{"type":"other","subtype":"sizes","value":"provide","verdict":"suspicious"}]},"uri":[{"type":"environment","subtype":"by","value":"order","verdict":"of"},{"type":"country","subtype":"technologies","value":"about","verdict":"learn"}],"yara":[{"type":"supports","subtype":"promote","value":"partnerships","verdict":"info"}]},"agent":{"id":"art","name":"companies_vendors.pdf","type":"participating","version":"4.1.2"},"cbs":{"sharepoint":{"created":{"application":"invite","user":"user"},"modified":{"application":"commercial","user":"user"}}},"cloud":{"account":{"id":"6JCTGQkQPtTzUfgty0LPNh","name":"private_other.pdf"},"availability_zone":"engaging","instance":{"id":"us","name":"other_do.xls"},"machine":{"type":"invite"},"project":{"id":"technology","name":"security_all.lnk"},"provider":"BCIP","region":"academia","service":{"name":"Office365"},"tenant_id":"p6veXIe73ywx1hEPxiCMs"},"container":{"id":"technology","image":{"hash":{"all":["problems","BCIP","survey"]},"name":"technologies.doc","tag":["country","our","visit"]},"labels":{"key_a":"are","key_b":"Cyber","key_c":"country","key_d":"role","key_e":"art"},"name":"all_innovation.xls","runtime":"cutting"},"destination":{"address":"Government","bytes":137,"domain":"art.ca","geo":{"city_name":"build_their.jpg","continent_code":"cutting","continent_name":"art.ppt","country_iso_code":"from","country_name":"the_examine_survey.xls","location":{"lon":3911.74,"lat":2222.92},"name":"academia_program.lnk","postal_code":"government","region_iso_code":"For","region_name":"to_engaging_to.doc","timezone":"BCIP"},"ip":"208.96.6.205","mac":"ed:8f:fa:fd:2d:99","nat":{"ip":"3.241.130.40","port":872},"packets":3088,"port":1638},"dns":{"answers":[{"class":"role","data":"defence","name":"technologies.exe","ttl":3800,"type":"working"},{"class":"To","data":"them","name":"by_also.jpg","ttl":274,"type":"The"},{"class":"learn","data":"innovation","name":"more_from_innovation.lnk","ttl":348,"type":"vendors"},{"class":"our","data":"certain","name":"potential_we_to.pdf","ttl":392,"type":"security"}],"header_flags":["innovations","testing","our","constantly"],"id":"by","op_code":"an","question":{"class":"promote","name":"private_learn.doc","registered_domain":"to.com","subdomain":"defence.com","top_level_domain":"determine.ca","type":"also"},"resolved_ip":["91.86.170.197","240.122.245.176","163.223.124.211"],"response_code":"an","type":"certain"},"ecs":{"version":"7.1.8"},"error":{"code":"work","message":"To"},"event":{"action":"collaborating","category":["email","database","host"],"code":"experts","created":"2023-03-07T23:53:24.611459Z","dataset":"programs","duration":3743,"end":"2023-02-14T13:22:43.611472Z","hash":"Build","id":"6guA8xi5CgzhqjDXyvFNb1","ingested":"2023-03-02T04:30:07.611479Z","kind":"metric","module":"bringing","original":"key","outcome":"success","provider":"AssemblyLine","reason":"Innovation","reference":"but","risk_score":2508.97,"risk_score_norm":3166.89,"sequence":911,"severity":679,"start":"2023-03-01T02:41:25.611508Z","timezone":"experts","type":["change","deletion","end"],"url":"other"},"email":{"attachments":[{"file":{"extension":"survey","hash":{"md5":"10d423c68dac52e4ede33b842fd718b3","sha1":"ad0645f756a42d835e2f40590e0b0476df1ce4ef","sha256":"a6f9c6fb77394c47f8014f062d9d29a030bd5b7c4d5f0867d8a65029f4b7fc33","sha384":"606d1deb798bd93e861bb544336f57c278774339c44d8ad536993290ab3f62b11fe500fb3e71c263056062449e7b6110","sha512":"df38ad72a62da6776df54ac929177aff21db1246e813732cb97e7576df10a9d6fe5a672adfc7254e5668777b0db1c450edbcde09236e5c90c7fb6eb97fb115e8","ssdeep":"70960:uUeHq6ELFNUURhjoGl3fRKjP:hDzwxdMdyY1Yt0k5n4bHByqSYsZX1UBdePSnUwuhKG","tlsh":"Centre"},"mime_type":"goods","name":"edge_their_are.jpg","size":1362}},{"file":{"extension":"feedback","hash":{"md5":"dbb19191f3787892203bbb589e074f61","sha1":"665c4919090ebf2265c035ef5a691aa11c37c8b3","sha256":"e93623c4b16ca9312c2fe22581aff9bde90d4b1704b2f05fa691944e4221fff4","sha384":"0fbd52872e24eb15d6708cfbd030ea6c68f410674bd88c4f53b22a9a8d92517e57a74bec841cbb35550c87a8a4f14b4a","sha512":"850c2f3fb0bffd6049d4218adfbd498d304091c71505b6ca159a41d2447d075e404180982eb36c9d955c124193cfaee583430e665bf53b07f2fac1e15cd1eec0","ssdeep":"67419:lb3Qx7ywXcI4zgEbhviUFLkmrwV4x:KK7fAYrP5anPlhRPRpaozIZyZwFA73I6OOIbgdG4UYnVdDsop5ZdQ1F","tlsh":"helps"},"mime_type":"commercial","name":"we_art.ppt","size":2629}},{"file":{"extension":"bringing","hash":{"md5":"ff472037bc038e150ee71b85a99c2b37","sha1":"5d8cd3f5c17c72d5b54e509bbe30f6f893cf9ceb","sha256":"a48059f1e9964538de97b8a510716e3dc665ce9b5e5eecadaa1b21387c0b3059","sha384":"b8d315e8800c34f2fe9c9bbfdb73392d374eb3e99fe2191852b3910c275130cf28a7f51b051952c2a00de5cde8d19b49","sha512":"2a0d4157dcc7fe8a9ce0d75f4e8e6565bcf704638cc40f1aea3c628e5e7dbfa0d1660ba4e932e664da1ec28cab2becf00b72ed9498656a9a670a52f925bd7f5e","ssdeep":"8658:QlYNawGdzYyjRLysuYuISQqRExdvK0ZuR1eO49emLm4p5vX4JQu6zL0zionuQs:8AYmRx7YiEFKyxv9JuePilx9r07fBL6nI1HbkG8jDXTFPK3Sc","tlsh":"engaging"},"mime_type":"goods","name":"about.lnk","size":3408}},{"file":{"extension":"emerging","hash":{"md5":"313b7a83dbea2a0f800dc8cb19e984c8","sha1":"3649c6c1208812383e9aab7983fa4e31d0cd347a","sha256":"33340961ce4ac5967d83b26cfa373c3f466db0baff51aaa1032230c7dc683996","sha384":"3355abb5a83778964b27a6b5fc6ca4fad515c4c6efebc2ca8d9aee46558841ec2073e0d5dffdf79ce0db4c3aeb412513","sha512":"fdf605f749438646bb593000e2c9a5682586d94f85ed1cbd52b8947eb8cc14d2507eda7ce1186c30dabd9c74fd7f37e14505209937d4ef0e45ad05091b2b71fa","ssdeep":"3081:5AsfkMZegeX33glRUqvV8kiliQoQ779oX4CkSUilUgoc0iv8kqiHXJ2s:hyPQZEQtCbdqyR5CgXx3zPApKhMnPpP5Ek5kyFFytREyP","tlsh":"improve"},"mime_type":"constantly","name":"them.pdf","size":1821}}],"bcc":{"address":"defence@role.biz"},"cc":{"address":"country@problems.biz"},"content_type":"Government","delivery_timestamp":"2023-03-06T01:23:40.612198Z","direction":"bringing","from":{"address":"feedback@partners.com"},"local_id":"2ms8vw4B8JZVdop48c6APa","message_id":"3VCbQtS8jn3smIoB6UgNSQ","origination_timestamp":"2023-02-14T08:12:20.612251Z","reply_to":{"address":"engaging@feedback.biz"},"sender":{"address":"work@market.biz"},"subject":"country","to":{"address":"is@market.com"},"x_mailer":"other","parent":{"bcc":{"address":"cyber@supports.ca"},"cc":{"address":"the@cutting.biz"},"from":{"address":"new@about.biz"},"message_id":"6Dyt6GRib7KBQOrQTqFqmO","origination_timestamp":"2023-02-06T20:37:52.612303Z","subject":"all","to":{"address":"emerging@more.biz"},"source":"140.231.102.1","destination":"104.12.252.134"}},"faas":{"coldstart":false,"execution":"commercial","id":"constantly","name":"problems.gif","trigger":{"request_id":"7SLxsXOplafZBOO7diAiKw","type":"http"},"version":"5.5.7"},"file":{"accessed":"2023-02-25T21:31:02.612370Z","attributes":["product","about","from"],"created":"2023-03-05T22:16:06.612384Z","ctime":"2023-02-14T06:30:19.612388Z","device":"One","directory":"role/certain","drive_letter":"working","extension":"other","fork_name":"by_them.jpg","gid":"security","group":"ANALYSTS","inode":"experts.ca","mime_type":"goods","mode":"participating","mtime":"2023-02-10T11:47:42.612423Z","name":"for.ppt","owner":"state","path":"Canadian","size":696,"target_path":"feedback","type":"file","uid":"BCIP","code_signature":{"digest_algorithm":"sha512","exists":false,"signing_id":"2JAmaRE3ObE8rghkZWpOcQ","status":"defence","subject_name":"partnerships_role.ppt","team_id":"4VkMxEdQu5wqfAoioaKRtR","timestamp":"2023-03-05T20:18:15.612498Z","trusted":true,"valid":false},"elf":{"architecture":"also","byte_order":"them","cpu_type":"this","creation_date":"collaborating","exports":["from","learn","us"],"header":{"abi_version":"4.4.0","class":"technology","data":"environment","entrypoint":3767,"object_version":"8.0.3","os_abi":"by","type":"bringing","version":"8.1.8"},"imports":["For","certain","edge","performs"],"sections":[{"chi2":768,"entropy":945,"flags":"of","name":"determine_working.jpg","physical_offset":"market","physical_size":1617,"type":"marketplace","virtual_address":1935,"virtual_size":1336},{"chi2":3197,"entropy":1536,"flags":"the","name":"working.pdf","physical_offset":"Innovation","physical_size":1488,"type":"constantly","virtual_address":2233,"virtual_size":2231}],"segments":[{"chi2":4066,"entropy":3169,"flags":"examine","name":"helps.gif","physical_offset":"also","physical_size":2869,"type":"of","virtual_address":694,"virtual_size":1514},{"chi2":1634,"entropy":169,"flags":"improve","name":"for.gif","physical_offset":"For","physical_size":2798,"type":"on","virtual_address":605,"virtual_size":1721}],"shared_libraries":["complex","also"],"telfhash":"country"},"hash":{"md5":"c2c0c57984b5c63f2706edb0b8e0500c","sha1":"271079826b8ed191489dd5af7f39367fec91bfdd","sha256":"69066d9396a2c0149ad94fa385dbdb2816e409500ffee07c6901ffb374a10d98","sha384":"e643c2ab8ce31b81c767fdd68cdd3a2286f875c0cc4eb38e1ec5dacd9988ec0821935fac68004bb0150709ee1b2089ad","sha512":"335470ff9a274eca54e7d5f5b83337b5cd92ffca12a6f1336ced282701f2b2acf549bf82f2139444e868b91392af7965e29d30574d217f9b151aa097e6f5051f","ssdeep":"42791:x55JPxlLZdKH9hpXIli74hEg7DRur5EBuxsFqlKBKVxt1uS3YTPy49wZoMd2PP:r9thKGtBrjqPVF36QCBJ5Ko35Qth16LNIqe","tlsh":"certain"},"pe":{"architecture":"all","company":"determine","description":"helps","file_version":"more_complex_experts.gif","imphash":"assist","original_file_name":"innovation_one_marketplace.gif","pehash":"also","product":"stays"}},"group":{"domain":"technologies.com","id":"bringing","name":"complex_for.xls"},"host":{"id":"cyber","ip":["97.23.67.11","114.154.27.46","83.233.97.90"],"mac":["915D86B0A4AC"],"name":"them_innovative.pdf","domain":"levels.biz","type":"new"},"http":{"request":{"body":{"bytes":2897,"content":"the"},"bytes":3117,"id":"testing","method":"edge","mime_type":"levels","referrer":"companies"},"response":{"body":{"bytes":1189,"content":"new"},"bytes":3920,"mime_type":"government","status_code":2131},"version":"7.5.0"},"organization":{"id":"118","name":"OSGG"},"process":{"args":["an","supports"],"args_count":2258,"command_line":"private","end":"2023-02-16T00:50:55.612948Z","entity_id":"4Hgh3zAN9lP1gUoL8Q1MJC","env_vars":{"key_a":"our","key_b":"BCIP","key_c":"feedback","key_d":"problems","key_e":"One"},"executable":"also","exit_code":4012,"interactive":true,"name":"development_state_private.xls","parent":[{"args":["across"],"args_count":3747,"command_line":"security","end":"2023-03-09T05:04:19.613010Z","entity_id":"FbtJDAWycy4PTSB3ZmO3N","env_vars":{"key_a":"also","key_b":"emerging","key_c":"but"},"executable":"market","exit_code":2996,"interactive":false,"name":"invite_learn.xls","pid":1790,"same_as_process":true,"start":"2023-03-02T00:50:56.613056Z","user":{"id":"constantly","name":"the_certain.gif"}},{"args":["services","state","our","supports"],"args_count":2083,"command_line":"partnerships","end":"2023-02-08T14:22:59.613084Z","entity_id":"6685Bpuo52m9GKIAda0pK2","env_vars":{"key_a":"innovations","key_b":"of","key_c":"feedback","key_d":"constantly","key_e":"supports"},"executable":"provide","exit_code":2689,"interactive":false,"name":"website_to_transition.xls","pid":205,"same_as_process":false,"start":"2023-03-09T05:15:01.613133Z","user":{"id":"Centre","name":"more_state_centre.pdf"}}],"pid":1493,"same_as_process":true,"start":"2023-03-04T15:27:29.613149Z","title":"emerging","uptime":3974,"user":{"id":"about","name":"program_is_performs.xls"},"working_directory":"cyber/across/cutting/selling"},"registry":{"data":{"bytes":"art","strings":["role","by"],"type":"levels"},"hive":"Cyber","key":"art","path":"academia","value":"technologies"},"related":{"hash":["academia","examine"],"hosts":["partners.biz","participating.edu","more.edu"],"ip":["94.159.176.148","84.78.46.86"],"user":["admin","admin","admin","user"],"id":"emerging","uri":["http://our.biz/emerging/services/Cyber/work/work/invite","ftp://experts.edu/from/testing/learn/laboratory","https://laboratory.ca/art/art/art/website"],"signature":["website","in"]},"server":{"ip":"44.150.165.171","address":"cutting","domain":"constantly.ca"},"source":{"address":"the","bytes":2836,"domain":"survey.edu","geo":{"city_name":"open_role.pdf","continent_code":"work","continent_name":"is_the_environment.ppt","country_iso_code":"We","country_name":"innovative.pdf","location":{"lon":3164.85,"lat":1589.23},"name":"more.xls","postal_code":"key","region_iso_code":"partners","region_name":"goods_to_invite.lnk","timezone":"innovative"},"ip":"23.229.2.22","mac":"db:8a:a5:53:95:ea","nat":{"ip":"222.70.10.55","port":771},"packets":1237,"port":1602},"threat":{"feed":{"dashboard_id":"322WqsUBCr4RzUMpEczlod","description":"helps","name":"canada_provide_provide.xls","reference":"from"},"framework":"MITRE ATT&CK","group":{"alias":["authority","their","are"],"id":"them","name":"marketplace_security_this.gif","reference":"engaging"},"indicator":{"confidence":"the","description":"To the legislature and government of each province in respect of all matters within the authority of the legislature of each province.","email":{"address":"emerging"},"provider":"authority","reference":"helps","scanner_stats":1725,"sightings":2857,"ip":"13.207.20.38","type":"Canadian","first_seen":"2023-02-21T13:19:03.613427Z","last_seen":"2023-02-19T19:09:15.613432Z"},"software":{"alias":["vendors","companies","are"],"id":"problems","name":"is_constantly_cyber.pdf","platform":["the","country","is"],"reference":"survey","type":"Government"},"tactic":{"id":"TA0007","name":"Discovery","reference":"To"},"technique":{"id":"T1162","name":"Login Item","reference":"improve"}},"tls":{"version":"4.3.1","version_protocol":"6.1.6","client":{"server_name":"complex.jpg","ja3":"Canadian"},"server":{"ja3s":"promote"}},"url":{"domain":"marketplace.com","extension":"programs","fragment":"in","full":"technical","original":"problems","password":"survey","path":"problems","port":1149,"query":"in","registered_domain":"performs.ca","scheme":"constantly","subdomain":"provide.com","top_level_domain":"about.edu","username":"user"},"user":{"domain":"visit.biz","email":"supports@an.edu","full_name":"support.doc","group":{"domain":"we.biz","id":"them","name":"levels_invite_our.gif"},"hash":"development","id":"vendors","name":"promote","roles":["more","We"]},"user_agent":{"device":{"name":"examine.gif"},"name":"canada_bcip.ppt","original":"Mozilla/5.0 (iPhone9,4; U; CPU iPhone OS 10_0_1 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) Version/10.0 Mobile/14A403 Safari/602.1","os":{"family":"with","full":"order","kernel":"website","name":"bringing_innovative.jpg","platform":"partnerships","type":"of","version":"4.5.7"},"version":"4.3.1"},"vulnerability":{"category":["programs"],"classification":"cutting","description":"examine","enumeration":"industry","id":"improve","reference":"tools","report_id":"2fJDYqxIvmQnz4Q7uUEtlm"}},"1xhaQnGT0WXzcxxFtLHFtI":{"timestamp":"2023-02-23T21:03:36.026979Z","labels":{"key_a":"bringing","key_b":"on","key_c":"edge","key_d":"participating","key_e":"constantly"},"tags":["across","also","other"],"howler":{"id":"1xhaQnGT0WXzcxxFtLHFtI","analytic":"cmt.aws.sigma.rules","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Resource Development","hash":"234e8f70d6e3ef94acc919cd008649975f795288392bb3a7fbb4fce4eff0da04","related":["supports","certain"],"reliability":2657.18,"severity":2574.42,"volume":3139.3,"confidence":3519.88,"score":3129.56,"status":"open","scrutiny":"scanned","escalation":"hit","assessment":null,"comment":[{"id":"5G0YSDvtR7dsUSqOg9esiH","timestamp":"2023-02-07T02:04:58.027186Z","modified":"2023-02-16T02:02:33.027192Z","value":"To be tried within a reasonable time.","user":"user"},{"id":"70Cdi8QNXwmnM5brEk0XOA","timestamp":"2023-02-14T17:32:07.027225Z","modified":"2023-02-15T23:33:24.027229Z","value":"A witness who testifies in any proceedings has the right not to have any incriminating evidence so given used to incriminate that witness in any other proceedings, except in a prosecution for perjury or for the giving of contradictory evidence.","user":"admin"},{"id":"4vg7tBnt5Fj2xu3RUKp7ci","timestamp":"2023-03-09T18:04:48.027256Z","modified":"2023-02-16T05:56:38.027261Z","value":"Citizens of Canada of whom any child has received or is receiving primary or secondary school instruction in English or French in Canada, have the right to have all their children receive primary and secondary school instruction in the same language.","user":"user"},{"id":"7K1UgRjWuObVXWu0biPDdq","timestamp":"2023-02-21T10:38:27.027288Z","modified":"2023-02-24T05:39:39.027292Z","value":"Continuity of language instruction.","user":"admin"},{"modified":"2023-03-10T14:55:01.701524Z","id":"7ghbvZZfTaG2RIDJWmZXbH","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:01.701473Z"},{"modified":"2023-03-10T14:55:41.397431Z","id":"1UfcQ0FP7Tn2jvjBpaJNz4","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:41.397366Z"},{"modified":"2023-03-10T15:11:47.014114Z","id":"3GYxn1SqZYMzRKDvsA2vbv","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:47.014075Z"},{"modified":"2023-03-10T15:12:32.822488Z","id":"1Vpia3RQqojh8xrtVnyVXZ","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:32.822434Z"},{"modified":"2023-03-10T15:13:03.309371Z","id":"6g4WnmgTjQfvZNu7heH2zs","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:03.309337Z"},{"modified":"2023-03-10T15:13:27.062090Z","id":"kd1ezIZfLuB2089oKX8hq","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:27.062057Z"},{"modified":"2023-03-10T15:14:22.409325Z","id":"3ttRB9wJ3wSmpxHtPbkq37","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:22.409291Z"},{"modified":"2023-03-10T15:14:49.080860Z","id":"3me6I8BETSfYWICRSRJSSp","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:49.080820Z"},{"modified":"2023-03-10T15:19:09.485908Z","id":"6Ji1XOcNIoulLarK5bEig9","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:09.485847Z"},{"modified":"2023-03-10T15:20:02.280696Z","id":"6xOvviZ7n9Dl6wy3wJ2zV2","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:02.280631Z"},{"modified":"2023-03-10T15:21:40.551152Z","id":"2tDLCCPNWgP7Qelqp8EppF","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:40.551085Z"},{"modified":"2023-03-10T15:23:14.652902Z","id":"1XZgBEbU4HNpXcl8gI7aRQ","value":"test","user":"shawnh","timestamp":"2023-03-10T15:23:14.652856Z"},{"modified":"2023-03-10T15:26:29.099236Z","id":"2DlwKJJVvH1tJUzlXdMoZL","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:29.099179Z"},{"modified":"2023-03-10T15:31:01.392527Z","id":"2X8C5krU3aglRzTBvsPy4P","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:01.392412Z"},{"modified":"2023-03-10T15:34:15.903859Z","id":"3eDGjWHfroZKgIIfLo7sKZ","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:15.903813Z"},{"modified":"2023-03-10T15:40:26.761892Z","id":"2bmSOXXAnyvGoAQL2PHMrr","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:26.761844Z"}],"log":[{"timestamp":"2023-03-03T20:08:29.027303Z","key":"us","explanation":"Other rights and freedoms not affected by Charter.","new_value":"us","type":"removed","previous_value":"across","user":"user"},{"timestamp":"2023-02-24T19:27:49.027324Z","key":"constantly","explanation":"Operation of exception.","new_value":"testing","type":"appended","previous_value":"are","user":"user"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7ghbvZZfTaG2RIDJWmZXbH\\", \\"timestamp\\": \\"2023-03-10T14:55:01.701473Z\\", \\"modified\\": \\"2023-03-10T14:55:01.701524Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:01.822023Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1UfcQ0FP7Tn2jvjBpaJNz4\\", \\"timestamp\\": \\"2023-03-10T14:55:41.397366Z\\", \\"modified\\": \\"2023-03-10T14:55:41.397431Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:41.470363Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3GYxn1SqZYMzRKDvsA2vbv\\", \\"timestamp\\": \\"2023-03-10T15:11:47.014075Z\\", \\"modified\\": \\"2023-03-10T15:11:47.014114Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:47.083803Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1Vpia3RQqojh8xrtVnyVXZ\\", \\"timestamp\\": \\"2023-03-10T15:12:32.822434Z\\", \\"modified\\": \\"2023-03-10T15:12:32.822488Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:32.910024Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6g4WnmgTjQfvZNu7heH2zs\\", \\"timestamp\\": \\"2023-03-10T15:13:03.309337Z\\", \\"modified\\": \\"2023-03-10T15:13:03.309371Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:03.381205Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"kd1ezIZfLuB2089oKX8hq\\", \\"timestamp\\": \\"2023-03-10T15:13:27.062057Z\\", \\"modified\\": \\"2023-03-10T15:13:27.062090Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:27.131703Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3ttRB9wJ3wSmpxHtPbkq37\\", \\"timestamp\\": \\"2023-03-10T15:14:22.409291Z\\", \\"modified\\": \\"2023-03-10T15:14:22.409325Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:22.476427Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3me6I8BETSfYWICRSRJSSp\\", \\"timestamp\\": \\"2023-03-10T15:14:49.080820Z\\", \\"modified\\": \\"2023-03-10T15:14:49.080860Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:49.153238Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6Ji1XOcNIoulLarK5bEig9\\", \\"timestamp\\": \\"2023-03-10T15:19:09.485847Z\\", \\"modified\\": \\"2023-03-10T15:19:09.485908Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:09.606999Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6xOvviZ7n9Dl6wy3wJ2zV2\\", \\"timestamp\\": \\"2023-03-10T15:20:02.280631Z\\", \\"modified\\": \\"2023-03-10T15:20:02.280696Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:02.381092Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2tDLCCPNWgP7Qelqp8EppF\\", \\"timestamp\\": \\"2023-03-10T15:21:40.551085Z\\", \\"modified\\": \\"2023-03-10T15:21:40.551152Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:40.645050Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1XZgBEbU4HNpXcl8gI7aRQ\\", \\"timestamp\\": \\"2023-03-10T15:23:14.652856Z\\", \\"modified\\": \\"2023-03-10T15:23:14.652902Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:23:14.741538Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2DlwKJJVvH1tJUzlXdMoZL\\", \\"timestamp\\": \\"2023-03-10T15:26:29.099179Z\\", \\"modified\\": \\"2023-03-10T15:26:29.099236Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:29.232577Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2X8C5krU3aglRzTBvsPy4P\\", \\"timestamp\\": \\"2023-03-10T15:31:01.392412Z\\", \\"modified\\": \\"2023-03-10T15:31:01.392527Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:01.478389Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3eDGjWHfroZKgIIfLo7sKZ\\", \\"timestamp\\": \\"2023-03-10T15:34:15.903813Z\\", \\"modified\\": \\"2023-03-10T15:34:15.903859Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:15.975155Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2bmSOXXAnyvGoAQL2PHMrr\\", \\"timestamp\\": \\"2023-03-10T15:40:26.761844Z\\", \\"modified\\": \\"2023-03-10T15:40:26.761892Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:26.840479Z"}],"retained":"with","monitored":"performs","reported":"levels","mitigated":"evaluate","outline":{"threat":"162.32.161.60","target":"website.ca","indicators":["but_visit.ppt","from.pdf","innovations_goods_services.doc","promote_order_survey.lnk","academia.pdf","this.xls","with_canada_for.gif","to_is_technical.xls","partners.doc","canada_partners.exe","security.lnk","helps.pdf","certain.lnk","collaborating_one_order.jpg","cyber_more_innovative.ppt","us_technology_but.jpg","for_partnerships_performs.xls","companies_bringing_environment.exe","supports_about.lnk"],"summary":"Freedom of peaceful assembly."},"labels":{"assignments":["ACE1C","APA1B","ADS2A"],"generic":["Outlook","Documentation"]},"votes":{"benign":["problems","key","product","are"],"obscure":["role","order","us","technologies"],"malicious":["innovative"]},"dossier":{"key_a":"[\\"the\\", \\"the\\"]","key_b":"7","key_c":"private","key_d":"97","key_e":"true"}},"assemblyline":{"antivirus":[{"type":"examine","subtype":"environment","value":"Centre","verdict":"suspicious"},{"type":"technologies","subtype":"participating","value":"Program","verdict":"malicious"},{"type":"assist","subtype":"order","value":"but","verdict":"info"}],"attribution":[{"type":"Government","subtype":"is","value":"market","verdict":"suspicious"},{"type":"Build","subtype":"potential","value":"country","verdict":"suspicious"},{"type":"levels","subtype":"problems","value":"country","verdict":"safe"},{"type":"To","subtype":"open","value":"problems","verdict":"malicious"}],"behaviour":[{"type":"survey","subtype":"cyber","value":"government","verdict":"malicious"},{"type":"industry","subtype":"in","value":"enhanced","verdict":"info"},{"type":"Canada","subtype":"on","value":"sizes","verdict":"suspicious"},{"type":"BCIP","subtype":"selling","value":"helps","verdict":"safe"}],"domain":[{"type":"collaborating","subtype":"from","value":"of","verdict":"market"},{"type":"The","subtype":"role","value":"of","verdict":"sizes"},{"type":"technical","subtype":"in","value":"development","verdict":"Innovation"}],"heuristic":[{"type":"working","subtype":"collaborating","value":"an","verdict":"malicious"},{"type":"order","subtype":"improve","value":"across","verdict":"info"},{"type":"services","subtype":"complex","value":"technologies","verdict":"info"}],"mitre":{"tactic":[{"type":"role","subtype":"do","value":"development","verdict":"suspicious"},{"type":"invite","subtype":"problems","value":"constantly","verdict":"malicious"},{"type":"are","subtype":"website","value":"engaging","verdict":"malicious"},{"type":"transition","subtype":"edge","value":"cyber","verdict":"safe"}],"technique":[{"type":"feedback","subtype":"them","value":"innovation","verdict":"info"},{"type":"Canadian","subtype":"technology","value":"other","verdict":"info"}]},"uri":[{"type":"improve","subtype":"One","value":"sizes","verdict":"other"},{"type":"determine","subtype":"technology","value":"programs","verdict":"Cyber"}],"yara":[{"type":"Canada","subtype":"improve","value":"private","verdict":"suspicious"}]},"agent":{"id":"security","name":"survey.xls","type":"government","version":"6.0.4"},"cbs":{"sharepoint":{"created":{"application":"provide","user":"user"},"modified":{"application":"other","user":"admin"}}},"cloud":{"account":{"id":"6BcN8eC7iY9Pt0O5rP5sWI","name":"in_us_to.jpg"},"availability_zone":"also","instance":{"id":"to","name":"work_with.exe"},"machine":{"type":"enhanced"},"project":{"id":"are","name":"improve_stays.pdf"},"provider":"also","region":"performs","service":{"name":"Amazon AWS"},"tenant_id":"6EfUUVEnSjg3bSM8EzpflV"},"container":{"id":"testing","image":{"hash":{"all":["Cyber"]},"name":"learn_sizes_state.pdf","tag":["website","Canadian"]},"labels":{"key_a":"key","key_b":"on","key_c":"an"},"name":"vendors_to_survey.xls","runtime":"goods"},"destination":{"address":"Government","bytes":1169,"domain":"role.com","geo":{"city_name":"open.ppt","continent_code":"innovations","continent_name":"build_engaging_cyber.exe","country_iso_code":"edge","country_name":"visit_is.pdf","location":{"lon":2442.04,"lat":3249.01},"name":"key_environment.ppt","postal_code":"country","region_iso_code":"also","region_name":"from_helps.doc","timezone":"more"},"ip":"34.132.161.135","mac":"11:7e:e1:d9:b3:37","nat":{"ip":"178.57.152.240","port":622},"packets":595,"port":415},"dns":{"answers":[{"class":"authority","data":"Canadian","name":"transition.xls","ttl":509,"type":"For"},{"class":"development","data":"stays","name":"we.jpg","ttl":1222,"type":"an"},{"class":"with","data":"on","name":"companies_learn_vendors.gif","ttl":3558,"type":"state"}],"header_flags":["provide","sizes","the","programs"],"id":"provide","op_code":"industry","question":{"class":"Program","name":"innovation_state.ppt","registered_domain":"open.com","subdomain":"canadian.biz","top_level_domain":"our.edu","type":"Cyber"},"resolved_ip":["235.24.55.167"],"response_code":"art","type":"to"},"ecs":{"version":"6.5.1"},"error":{"code":"promote","message":"development"},"event":{"action":"promote","category":["database"],"code":"bringing","created":"2023-03-07T17:13:01.028180Z","dataset":"new","duration":3445,"end":"2023-02-10T07:16:39.028191Z","hash":"across","id":"1xhaQnGT0WXzcxxFtLHFtI","ingested":"2023-02-07T09:34:52.028200Z","kind":"pipeline_error","module":"across","original":"potential","outcome":"success","provider":"NBS","reason":"Program","reference":"technical","risk_score":990.94,"risk_score_norm":1669.91,"sequence":1415,"severity":3642,"start":"2023-02-17T05:51:56.028232Z","timezone":"certain","type":["indicator","start","info"],"url":"cutting"},"email":{"attachments":[{"file":{"extension":"One","hash":{"md5":"806dfa104d9c93b9fa63f8cefc856dc1","sha1":"4adfa84f33c43235c67cb5b53887d3656dcf91fc","sha256":"11300bd874bc39ef8e5e619cce3cc2d01c36578a73cf03560b02c98821460eb9","sha384":"77e891d01aca362a8d22c719377ca9600cb5b691b3a2d16f3a194a07b3260febda5617cca9c5e8961905e11d9835baa0","sha512":"c3c016fbe4883a5ea05e7502a6e80781f76150c0079f067861c0a8da31a9b2bcb486f7e8fbcaf731177660bb75b37e4f0d0ce73057002260dbd42149b73f57a1","ssdeep":"33653:4Bd1ADbYtAgYmiYLndKylY0:4ttcCzPKzMlJj0ufFPqTMsOGvriNd52VmR437REgli","tlsh":"from"},"mime_type":"Cyber","name":"open.xls","size":2568}},{"file":{"extension":"industry","hash":{"md5":"73cbf724cc32f557b6047f1273e919df","sha1":"54e7fe56e21a0bed3d810d43c5dfacb62bf34d70","sha256":"f66aa771c9b1fa373cdb04be8c9d4b617d1a4b6eea2f05220c09ebd488ba78ae","sha384":"43d01c41bb81ded8475c15d7c44ff4e61437b5612c8e52663bbd58b60c90666218ccda40ffb8ef279f921121a79066a4","sha512":"8f154041ddf2f11b013248d26db028a195d43b89a74d82a0206f7eec06a7fa2689ea4171f6a5e869fe52a185462b8c55687e49a03905a7c332169c127889f22a","ssdeep":"24143:zuupIQo77Gdcl08GbwPnQqqoXOa:udsZMuTnPKVwyzr9GPlHSnq3OvZcOetodMdJeSm6oGZxlSOzsw8sJkyFzi9BcHq","tlsh":"companies"},"mime_type":"other","name":"them_other_them.pdf","size":516}}],"bcc":{"address":"program@experts.edu"},"cc":{"address":"environment@environment.edu"},"content_type":"cutting","delivery_timestamp":"2023-02-19T13:44:58.028659Z","direction":"edge","from":{"address":"country@partners.biz"},"local_id":"5niyCHi2nQ7jPCKIjW0aPc","message_id":"7fPUuZGl7brnEbqW2Fz7fo","origination_timestamp":"2023-02-08T20:59:36.028722Z","reply_to":{"address":"support@is.edu"},"sender":{"address":"programs@us.ca"},"subject":"certain","to":{"address":"services@enhanced.biz"},"x_mailer":"in","parent":{"bcc":{"address":"support@experts.biz"},"cc":{"address":"them@bcip.com"},"from":{"address":"technologies@centre.com"},"message_id":"58v9IKzCRe6mBzWJ8dWAGH","origination_timestamp":"2023-03-03T08:56:49.028784Z","subject":"We","to":{"address":"engaging@bcip.ca"},"source":"177.176.12.252","destination":"209.99.163.174"}},"faas":{"coldstart":true,"execution":"do","id":"them","name":"more_with.lnk","trigger":{"request_id":"1D8QUu0fiH4a7oq0xwZnip","type":"other"},"version":"7.4.4"},"file":{"accessed":"2023-03-08T14:32:16.028880Z","attributes":["We","For"],"created":"2023-03-06T05:53:25.028894Z","ctime":"2023-02-28T07:43:32.028898Z","device":"invite","directory":"stays/an/feedback/improve/vendors/them","drive_letter":"us","extension":"supports","fork_name":"authority_this_potential.exe","gid":"improve","group":"USERS","inode":"art.biz","mime_type":"to","mode":"partners","mtime":"2023-02-17T15:17:35.028941Z","name":"examine.xls","owner":"We","path":"Innovation","size":1012,"target_path":"market","type":"dir","uid":"performs","code_signature":{"digest_algorithm":"sha1","exists":true,"signing_id":"1STmcfiBif3ZuSyCuN5212","status":"companies","subject_name":"all.ppt","team_id":"7JTmUYcPSdryKPM63CWBW1","timestamp":"2023-02-23T07:20:04.029027Z","trusted":true,"valid":false},"elf":{"architecture":"improve","byte_order":"companies","cpu_type":"levels","creation_date":"authority","exports":["enhanced","invite"],"header":{"abi_version":"5.4.4","class":"state","data":"defence","entrypoint":4095,"object_version":"6.2.3","os_abi":"stays","type":"order","version":"8.5.0"},"imports":["of","Cyber","supports","levels"],"sections":[{"chi2":1257,"entropy":3139,"flags":"improve","name":"edge.gif","physical_offset":"about","physical_size":3066,"type":"evaluate","virtual_address":3878,"virtual_size":856},{"chi2":951,"entropy":1800,"flags":"cyber","name":"supports_collaborating.ppt","physical_offset":"security","physical_size":3216,"type":"other","virtual_address":258,"virtual_size":3684}],"segments":[{"chi2":3758,"entropy":3184,"flags":"technology","name":"innovations.doc","physical_offset":"this","physical_size":1621,"type":"testing","virtual_address":704,"virtual_size":3372},{"chi2":3488,"entropy":2760,"flags":"stays","name":"helps.pdf","physical_offset":"partnerships","physical_size":3568,"type":"To","virtual_address":2542,"virtual_size":3878},{"chi2":3543,"entropy":3665,"flags":"enhanced","name":"constantly_goods_new.exe","physical_offset":"other","physical_size":3333,"type":"work","virtual_address":1334,"virtual_size":3727}],"shared_libraries":["on","us","potential"],"telfhash":"innovation"},"hash":{"md5":"627856c863ecd06f15f8335407a58143","sha1":"d8b7809a7d70463da1f5d86032f3493ac246450a","sha256":"82a36a5c1328f8cd01e480b94d43232fda0142b46adb57571ea1c61f7998902b","sha384":"472c9d42b84407da32fbea7a9295d78b1ac19e17cec9ff670ef9cabbe8f177873547e6b885104b1d1bc733f05ad0d718","sha512":"25d8618e1c75915783a805d574354ee1dc6b9cc102c79f80156ecd5be922ac9bf4a647085096e14e9a968bc96893e4b9bd87f66b9b3f4c2f3ca64fb42a73b606","ssdeep":"39516:wdt50v9cQCbquTCE2F8AEz8gFOrqPHP7QAF8:hHQO5slUlChjqfi6rdvP42779R2tzp6","tlsh":"industry"},"pe":{"architecture":"also","company":"market","description":"One","file_version":"support.exe","imphash":"programs","original_file_name":"promote.ppt","pehash":"marketplace","product":"participating"}},"group":{"domain":"testing.com","id":"BCIP","name":"we_improve_evaluate.ppt"},"host":{"id":"examine","ip":["19.245.177.21"],"mac":["BB3B1E8CDF5B"],"name":"performs_to.xls","domain":"government.biz","type":"art"},"http":{"request":{"body":{"bytes":2666,"content":"technical"},"bytes":3293,"id":"other","method":"the","mime_type":"private","referrer":"is"},"response":{"body":{"bytes":1781,"content":"us"},"bytes":2606,"mime_type":"marketplace","status_code":3600},"version":"8.1.6"},"organization":{"id":"178","name":"CANSOFCOM"},"process":{"args":["evaluate","To","cyber"],"args_count":652,"command_line":"certain","end":"2023-02-08T18:06:14.029550Z","entity_id":"6rZfBxHNpBNGA0jqjXSjkL","env_vars":{"key_a":"problems","key_b":"laboratory","key_c":"partners","key_d":"innovation","key_e":"innovative"},"executable":"feedback","exit_code":2779,"interactive":true,"name":"marketplace_environment_tools.pdf","parent":[{"args":["stays","Government","cyber","are"],"args_count":3089,"command_line":"new","end":"2023-03-06T09:52:08.029629Z","entity_id":"3OqZdR6nzH4FFB7GPh16sn","env_vars":{"key_a":"market","key_b":"improve","key_c":"website"},"executable":"product","exit_code":1996,"interactive":false,"name":"goods_program.gif","pid":2421,"same_as_process":true,"start":"2023-02-15T06:04:04.029684Z","user":{"id":"do","name":"market.lnk"}},{"args":["selling","marketplace","determine","new"],"args_count":846,"command_line":"innovations","end":"2023-02-12T02:08:42.029716Z","entity_id":"2UajBH6puW1TcyOG9MDjy7","env_vars":{"key_a":"all","key_b":"other","key_c":"tools","key_d":"The","key_e":"cyber"},"executable":"Centre","exit_code":726,"interactive":false,"name":"other_technologies.ppt","pid":1213,"same_as_process":false,"start":"2023-02-17T12:22:27.029772Z","user":{"id":"collaborating","name":"the.xls"}},{"args":["The","security","sizes","laboratory"],"args_count":2374,"command_line":"feedback","end":"2023-02-19T04:49:39.029824Z","entity_id":"3CHG1CTMFdQYdXRi2gDuPt","env_vars":{"key_a":"complex","key_b":"development","key_c":"key","key_d":"services"},"executable":"authority","exit_code":1554,"interactive":false,"name":"the_in.doc","pid":1219,"same_as_process":true,"start":"2023-03-09T08:05:58.029882Z","user":{"id":"visit","name":"partners.jpg"}},{"args":["invite","from"],"args_count":295,"command_line":"stays","end":"2023-02-20T08:11:25.029909Z","entity_id":"1XtRF4A3lCOFxyOUS4EN2p","env_vars":{"key_a":"government","key_b":"is","key_c":"more"},"executable":"survey","exit_code":3417,"interactive":false,"name":"security_partners.ppt","pid":3277,"same_as_process":false,"start":"2023-02-19T12:59:36.029962Z","user":{"id":"assist","name":"academia_experts_the.lnk"}}],"pid":279,"same_as_process":true,"start":"2023-02-24T23:34:46.029981Z","title":"order","uptime":3841,"user":{"id":"supports","name":"transition.exe"},"working_directory":"visit/on"},"registry":{"data":{"bytes":"enhanced","strings":["partners","technologies","problems","work"],"type":"survey"},"hive":"on","key":"promote","path":"BCIP","value":"are"},"related":{"hash":["country","this","is","invite"],"hosts":["improve.biz","levels.edu","technologies.biz"],"ip":["151.238.59.107"],"user":["user","admin"],"id":"learn","uri":["http://them.com/commercial/is/constantly/art","http://other.biz/engaging/BCIP/Cyber","https://innovation.com/is/engaging/edge/innovative/Canada"],"signature":["feedback","them","tools","technology"]},"server":{"ip":"158.75.28.58","address":"art","domain":"website.com"},"source":{"address":"Cyber","bytes":2503,"domain":"cutting.biz","geo":{"city_name":"commercial.jpg","continent_code":"companies","continent_name":"edge_invite.lnk","country_iso_code":"survey","country_name":"survey_technologies.xls","location":{"lon":515.27,"lat":3764.03},"name":"order.lnk","postal_code":"transition","region_iso_code":"the","region_name":"assist_promote_survey.gif","timezone":"this"},"ip":"114.39.143.2","mac":"b4:24:60:6f:55:35","nat":{"ip":"246.210.39.38","port":3273},"packets":603,"port":3773},"threat":{"feed":{"dashboard_id":"7GJqWrkI4gGkTuNBJiwN9b","description":"Program","name":"potential_testing_new.gif","reference":"partners"},"framework":"MITRE ATT&CK","group":{"alias":["collaborating","defence","stays","bringing"],"id":"improve","name":"security.exe","reference":"stays"},"indicator":{"confidence":"testing","description":"Any member of the public in Canada has the right to communicate with, and to receive available services from, any head or central office of an institution of the Parliament or government of Canada in English or French, and has the same right with respect to any other office of any such institution where.","email":{"address":"in"},"provider":"experts","reference":"innovations","scanner_stats":1779,"sightings":802,"ip":"19.20.7.75","type":"potential","first_seen":"2023-03-07T19:31:45.030306Z","last_seen":"2023-02-08T02:14:32.030311Z"},"software":{"alias":["constantly","certain"],"id":"assist","name":"certain_determine_but.ppt","platform":["Program","determine","Cyber","edge"],"reference":"the","type":"Canada"},"tactic":{"id":"TA0042","name":"Resource Development","reference":"us"},"technique":{"id":"T1584.004","name":"Server","reference":"experts"}},"tls":{"version":"6.5.8","version_protocol":"8.5.2","client":{"server_name":"from_technology_all.ppt","ja3":"Canada"},"server":{"ja3s":"partnerships"}},"url":{"domain":"bcip.edu","extension":"engaging","fragment":"potential","full":"selling","original":"To","password":"laboratory","path":"partnerships","port":509,"query":"open","registered_domain":"learn.biz","scheme":"from","subdomain":"canada.com","top_level_domain":"government.edu","username":"user"},"user":{"domain":"them.ca","email":"vendors@about.com","full_name":"one_programs_open.lnk","group":{"domain":"also.edu","id":"sizes","name":"helps_support_on.doc"},"hash":"experts","id":"edge","name":"laboratory","roles":["One"]},"user_agent":{"device":{"name":"support_innovative_performs.ppt"},"name":"across_website.doc","original":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0","os":{"family":"is","full":"BCIP","kernel":"goods","name":"companies_in.xls","platform":"in","type":"vendors","version":"7.2.1"},"version":"5.5.3"},"vulnerability":{"category":["Centre","transition","from","on"],"classification":"Innovation","description":"evaluate","enumeration":"selling","id":"laboratory","reference":"certain","report_id":"uNbR4qpnbWsqNPACQgFmp"}},"5aktt6R2Gs7X6v9PlLoMsO":{"timestamp":"2023-02-04T12:55:11.270597Z","labels":{"key_a":"cutting","key_b":"improve"},"tags":["Cyber","role"],"howler":{"id":"5aktt6R2Gs7X6v9PlLoMsO","analytic":"COLISEUM","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Defense Evasion","hash":"9391f4f59601f2ad661814f62f09482db79ed94d853a870c60cc210a5d32fda8","related":["their","do","market"],"reliability":380.73,"severity":983.22,"volume":2666.56,"confidence":3147.95,"score":750.03,"status":"open","scrutiny":"investigated","escalation":"alert","assessment":null,"comment":[{"id":"5Z4BpIvMChnTyefKB5HJ7y","timestamp":"2023-03-05T10:52:11.270796Z","modified":"2023-02-18T10:19:38.270802Z","value":"To be informed without unreasonable delay of the specific offence.","user":"shawnh"},{"id":"2kNcs0djljItrIbmzjq2cC","timestamp":"2023-02-24T17:26:05.270834Z","modified":"2023-02-12T01:17:51.270838Z","value":"Every individual is equal before and under the law and has the right to the equal protection and equal benefit of the law without discrimination and, in particular, without discrimination based on race, national or ethnic origin, colour, religion, sex, age or mental or physical disability.","user":"user"},{"modified":"2023-03-10T14:55:02.086047Z","id":"5cGEqMINkILHGbkbGP76Ek","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:02.086006Z"},{"modified":"2023-03-10T14:55:41.685856Z","id":"6AxQaQec11ZpVY3Eqtpzch","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:41.685823Z"},{"modified":"2023-03-10T15:11:47.299203Z","id":"3x9zbwYR3I3LmBFsFBalFp","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:47.299168Z"},{"modified":"2023-03-10T15:12:33.150539Z","id":"O64XtaItOyZUiEMWBXe47","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:33.150497Z"},{"modified":"2023-03-10T15:13:03.628018Z","id":"1oiu50Y4DiW2TMHdL38l8a","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:03.627973Z"},{"modified":"2023-03-10T15:13:27.360386Z","id":"1b8fx2oR5pyy3BojfGfeO6","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:27.360348Z"},{"modified":"2023-03-10T15:14:22.738644Z","id":"2FHUXOJaehcJIOG4WPAOTY","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:22.738535Z"},{"modified":"2023-03-10T15:14:49.388560Z","id":"3YJyBtKNLjtITYbHwq9IEy","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:49.388510Z"},{"modified":"2023-03-10T15:19:09.868407Z","id":"Nm9Rpdr8JYFGrxYoAMmmu","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:09.868354Z"},{"modified":"2023-03-10T15:20:02.655376Z","id":"1Rs31Pu6VEbwVLEhaqKAyf","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:02.655216Z"},{"modified":"2023-03-10T15:21:40.913594Z","id":"23aZB94gbk2dyzT5Q1lqOa","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:40.913529Z"},{"modified":"2023-03-10T15:23:14.999642Z","id":"4EIoKYS4xRojjQBHrmDPo1","value":"test","user":"shawnh","timestamp":"2023-03-10T15:23:14.999601Z"},{"modified":"2023-03-10T15:26:29.559342Z","id":"3OnZ7NQIgAwH8juzjwttgz","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:29.559290Z"},{"modified":"2023-03-10T15:31:01.714872Z","id":"3jypgwS0OwFon6S52HTK36","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:01.714835Z"},{"modified":"2023-03-10T15:34:16.211802Z","id":"9TpG8BGBp55oB3cx6NVib","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:16.211762Z"},{"modified":"2023-03-10T15:40:27.065122Z","id":"1EbpdHaldoTIyp1Bo6fesL","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:27.065087Z"}],"log":[{"timestamp":"2023-02-27T16:11:38.270850Z","key":"are","explanation":"The Canadian Charter of Rights and Freedoms guarantees the rights and freedoms set out in it subject only to such reasonable limits prescribed by law as can be demonstrably justified in a free and democratic society.","new_value":"performs","type":"appended","previous_value":"marketplace","user":"admin"},{"timestamp":"2023-02-14T00:22:01.270874Z","key":"The","explanation":"Subsection does not preclude any law, program or activity that has as its object the amelioration of conditions of disadvantaged individuals or groups including those that are disadvantaged because of race, national or ethnic origin, colour, religion, sex, age or mental or physical disability.","new_value":"in","type":"appended","previous_value":"BCIP","user":"admin"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5cGEqMINkILHGbkbGP76Ek\\", \\"timestamp\\": \\"2023-03-10T14:55:02.086006Z\\", \\"modified\\": \\"2023-03-10T14:55:02.086047Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:02.172160Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6AxQaQec11ZpVY3Eqtpzch\\", \\"timestamp\\": \\"2023-03-10T14:55:41.685823Z\\", \\"modified\\": \\"2023-03-10T14:55:41.685856Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:41.753173Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3x9zbwYR3I3LmBFsFBalFp\\", \\"timestamp\\": \\"2023-03-10T15:11:47.299168Z\\", \\"modified\\": \\"2023-03-10T15:11:47.299203Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:47.366727Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"O64XtaItOyZUiEMWBXe47\\", \\"timestamp\\": \\"2023-03-10T15:12:33.150497Z\\", \\"modified\\": \\"2023-03-10T15:12:33.150539Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:33.227754Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1oiu50Y4DiW2TMHdL38l8a\\", \\"timestamp\\": \\"2023-03-10T15:13:03.627973Z\\", \\"modified\\": \\"2023-03-10T15:13:03.628018Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:03.755884Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1b8fx2oR5pyy3BojfGfeO6\\", \\"timestamp\\": \\"2023-03-10T15:13:27.360348Z\\", \\"modified\\": \\"2023-03-10T15:13:27.360386Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:27.429627Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2FHUXOJaehcJIOG4WPAOTY\\", \\"timestamp\\": \\"2023-03-10T15:14:22.738535Z\\", \\"modified\\": \\"2023-03-10T15:14:22.738644Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:22.831689Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3YJyBtKNLjtITYbHwq9IEy\\", \\"timestamp\\": \\"2023-03-10T15:14:49.388510Z\\", \\"modified\\": \\"2023-03-10T15:14:49.388560Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:49.481770Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"Nm9Rpdr8JYFGrxYoAMmmu\\", \\"timestamp\\": \\"2023-03-10T15:19:09.868354Z\\", \\"modified\\": \\"2023-03-10T15:19:09.868407Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:09.989272Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1Rs31Pu6VEbwVLEhaqKAyf\\", \\"timestamp\\": \\"2023-03-10T15:20:02.655216Z\\", \\"modified\\": \\"2023-03-10T15:20:02.655376Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:02.770073Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"23aZB94gbk2dyzT5Q1lqOa\\", \\"timestamp\\": \\"2023-03-10T15:21:40.913529Z\\", \\"modified\\": \\"2023-03-10T15:21:40.913594Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:41.025842Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4EIoKYS4xRojjQBHrmDPo1\\", \\"timestamp\\": \\"2023-03-10T15:23:14.999601Z\\", \\"modified\\": \\"2023-03-10T15:23:14.999642Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:23:15.086871Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3OnZ7NQIgAwH8juzjwttgz\\", \\"timestamp\\": \\"2023-03-10T15:26:29.559290Z\\", \\"modified\\": \\"2023-03-10T15:26:29.559342Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:29.670898Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3jypgwS0OwFon6S52HTK36\\", \\"timestamp\\": \\"2023-03-10T15:31:01.714835Z\\", \\"modified\\": \\"2023-03-10T15:31:01.714872Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:01.791676Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"9TpG8BGBp55oB3cx6NVib\\", \\"timestamp\\": \\"2023-03-10T15:34:16.211762Z\\", \\"modified\\": \\"2023-03-10T15:34:16.211802Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:16.289589Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1EbpdHaldoTIyp1Bo6fesL\\", \\"timestamp\\": \\"2023-03-10T15:40:27.065087Z\\", \\"modified\\": \\"2023-03-10T15:40:27.065122Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:27.145977Z"}],"retained":"partners","monitored":"role","reported":"participating","mitigated":"assist","outline":{"threat":"f5c48415075bc8332d36359b19fdbba8-thing.baduser.org","target":"82c81dfc3c60d7468966460a6c7628b1.gc.ca","indicators":["sizes_key_constantly.jpg","are_one_invite.lnk","their_certain_complex.exe","do.exe","promote_our.ppt","to.xls","this_potential.ppt","do_collaborating.xls","assist.xls","levels_invite.gif","examine.gif","an_cutting.xls","order_constantly.doc","product_edge.lnk","companies.gif","support_with_do.gif","visit_determine.gif","examine_them_canada.gif","program.gif","supports.xls"],"summary":"Freedom of conscience and religion."},"labels":{"assignments":["ADS4B","APA1B","APA2B","ACE1C"],"generic":["Outlook","Danger"]},"votes":{"benign":["state"],"obscure":["cutting","environment","stays","government"],"malicious":["this","our","supports"]},"dossier":{"key_a":"[\\"development\\", \\"environment\\", \\"our\\", \\"on\\"]"}},"assemblyline":{"antivirus":[{"type":"market","subtype":"companies","value":"survey","verdict":"safe"},{"type":"Build","subtype":"complex","value":"Cyber","verdict":"suspicious"}],"attribution":[{"type":"development","subtype":"defence","value":"edge","verdict":"malicious"},{"type":"are","subtype":"assist","value":"partnerships","verdict":"suspicious"}],"behaviour":[{"type":"technology","subtype":"Program","value":"are","verdict":"suspicious"},{"type":"One","subtype":"survey","value":"with","verdict":"malicious"},{"type":"Innovation","subtype":"our","value":"in","verdict":"malicious"}],"domain":[{"type":"other","subtype":"an","value":"complex","verdict":"Cyber"},{"type":"this","subtype":"Innovation","value":"us","verdict":"partnerships"}],"heuristic":[{"type":"improve","subtype":"technical","value":"an","verdict":"safe"},{"type":"this","subtype":"website","value":"laboratory","verdict":"info"},{"type":"bringing","subtype":"technical","value":"examine","verdict":"info"}],"mitre":{"tactic":[{"type":"stays","subtype":"support","value":"sizes","verdict":"malicious"},{"type":"programs","subtype":"working","value":"about","verdict":"info"},{"type":"enhanced","subtype":"product","value":"services","verdict":"info"}],"technique":[{"type":"promote","subtype":"Centre","value":"emerging","verdict":"safe"},{"type":"is","subtype":"enhanced","value":"art","verdict":"info"},{"type":"to","subtype":"constantly","value":"more","verdict":"malicious"},{"type":"constantly","subtype":"with","value":"transition","verdict":"suspicious"}]},"uri":[{"type":"academia","subtype":"but","value":"key","verdict":"improve"},{"type":"new","subtype":"Innovation","value":"bringing","verdict":"development"}],"yara":[{"type":"constantly","subtype":"tools","value":"an","verdict":"suspicious"},{"type":"work","subtype":"helps","value":"other","verdict":"malicious"},{"type":"state","subtype":"us","value":"also","verdict":"info"}]},"agent":{"id":"To","name":"the.doc","type":"open","version":"4.3.8"},"cbs":{"sharepoint":{"created":{"application":"The","user":"admin"},"modified":{"application":"feedback","user":"admin"}}},"cloud":{"account":{"id":"50iyq5eYFPUvxMSGmKeCbp","name":"development.pdf"},"availability_zone":"website","instance":{"id":"levels","name":"learn.lnk"},"machine":{"type":"evaluate"},"project":{"id":"transition","name":"by_more_technologies.exe"},"provider":"examine","region":"to","service":{"name":"Azure"},"tenant_id":"3GQwvLoniy7DKd6jT0locX"},"container":{"id":"innovative","image":{"hash":{"all":["an","with"]},"name":"market.pdf","tag":["security","authority"]},"labels":{"key_a":"in","key_b":"performs","key_c":"To","key_d":"an","key_e":"private"},"name":"industry.lnk","runtime":"emerging"},"destination":{"address":"To","bytes":2732,"domain":"us.edu","geo":{"city_name":"tools_marketplace_authority.exe","continent_code":"state","continent_name":"goods_partners_laboratory.exe","country_iso_code":"assist","country_name":"participating.exe","location":{"lon":270.57,"lat":2127.76},"name":"cutting.lnk","postal_code":"environment","region_iso_code":"The","region_name":"invite.exe","timezone":"innovative"},"ip":"165.48.67.88","mac":"6f:da:60:b6:16:07","nat":{"ip":"57.234.105.52","port":3345},"packets":835,"port":1691},"dns":{"answers":[{"class":"more","data":"working","name":"authority.gif","ttl":406,"type":"To"},{"class":"determine","data":"the","name":"experts_complex.gif","ttl":3794,"type":"their"},{"class":"new","data":"vendors","name":"all.lnk","ttl":338,"type":"product"},{"class":"companies","data":"learn","name":"government.gif","ttl":3247,"type":"Program"}],"header_flags":["open","on","an"],"id":"One","op_code":"private","question":{"class":"bringing","name":"technologies_more.xls","registered_domain":"us.com","subdomain":"provide.ca","top_level_domain":"partnerships.edu","type":"tools"},"resolved_ip":["95.198.157.106","139.98.96.253","248.207.28.78","59.10.198.177"],"response_code":"us","type":"edge"},"ecs":{"version":"5.1.3"},"error":{"code":"technical","message":"other"},"event":{"action":"us","category":["intrusion_detection"],"code":"certain","created":"2023-03-06T15:56:59.271716Z","dataset":"tools","duration":2885,"end":"2023-02-04T23:42:37.271729Z","hash":"open","id":"5aktt6R2Gs7X6v9PlLoMsO","ingested":"2023-02-26T18:49:59.271739Z","kind":"state","module":"Canada","original":"partners","outcome":"failure","provider":"CBS","reason":"key","reference":"certain","risk_score":3699.07,"risk_score_norm":494.21,"sequence":3070,"severity":1002,"start":"2023-02-15T02:43:27.271771Z","timezone":"about","type":["end","denied"],"url":"security"},"email":{"attachments":[{"file":{"extension":"technologies","hash":{"md5":"d8185e9e22b68981c42d58b5563f37ec","sha1":"883eb48397ba8cd80220e17c264a8d2f17e1ad8b","sha256":"d2a351a997c40990cf873a523de2cac2b2a3603310d9aa922be6d228f43a1ad9","sha384":"c3019ee58144d7539621844706a019dec9f3fd47c0b461bbfd5fde08a8a7abf810b2e33c32ec2a506e5a10b67b0f563d","sha512":"2b1c7e8528567ea82cdcd73da5e14a31c2f4eb3df3fd0388a9e32aa42e8a9a43e9b31bbb9e1ff62e32a8586dee7cd0430fd8c29aaa0e4efd40482b786f20f6d3","ssdeep":"6288:uryqfIRu9e2AHdvBHVYLt:lxkzBPSGH7JEGSKIq4xlrQmxX8lF2j1l0PqpCMumq1BXYp6hK3JOpAJeYcZPT1SL","tlsh":"order"},"mime_type":"an","name":"services_survey_canada.pdf","size":588}}],"bcc":{"address":"build@feedback.com"},"cc":{"address":"all@visit.com"},"content_type":"testing","delivery_timestamp":"2023-03-05T15:47:18.272014Z","direction":"cyber","from":{"address":"work@support.ca"},"local_id":"1fcKAdXFol923VQtVfcZAj","message_id":"3Zdh0rQs2QudSh1tohR6cW","origination_timestamp":"2023-02-08T18:30:15.272074Z","reply_to":{"address":"to@tools.biz"},"sender":{"address":"them@vendors.biz"},"subject":"state","to":{"address":"canadian@innovation.com"},"x_mailer":"engaging","parent":{"bcc":{"address":"problems@helps.ca"},"cc":{"address":"testing@order.com"},"from":{"address":"partnerships@on.ca"},"message_id":"17aEYaatmMWh4XuDfRRoOC","origination_timestamp":"2023-02-25T01:35:34.272134Z","subject":"industry","to":{"address":"vendors@bringing.com"},"source":"10.162.114.232","destination":"222.164.41.45"}},"faas":{"coldstart":true,"execution":"collaborating","id":"The","name":"new_feedback_new.gif","trigger":{"request_id":"PDiCUCX458W5WCYUiQoCh","type":"timer"},"version":"6.4.2"},"file":{"accessed":"2023-03-03T04:41:05.272213Z","attributes":["assist","state","We","edge"],"created":"2023-02-13T23:43:09.272233Z","ctime":"2023-03-06T05:01:38.272237Z","device":"is","directory":"experts/constantly/testing","drive_letter":"experts","extension":"Build","fork_name":"determine_emerging.ppt","gid":"engaging","group":"ADMINS","inode":"other.edu","mime_type":"feedback","mode":"authority","mtime":"2023-02-28T19:38:31.272280Z","name":"engaging_companies.xls","owner":"assist","path":"more","size":494,"target_path":"emerging","type":"dir","uid":"but","code_signature":{"digest_algorithm":"sha384","exists":true,"signing_id":"7LoTuVz5MjnHgC0UScm5an","status":"complex","subject_name":"security_survey.xls","team_id":"3eWqCwtXZyCZXYIYkMsidT","timestamp":"2023-02-10T10:57:22.272368Z","trusted":true,"valid":false},"elf":{"architecture":"their","byte_order":"emerging","cpu_type":"private","creation_date":"Canadian","exports":["work","open","country"],"header":{"abi_version":"4.0.6","class":"The","data":"order","entrypoint":3703,"object_version":"4.3.7","os_abi":"with","type":"innovation","version":"4.5.7"},"imports":["evaluate"],"sections":[{"chi2":2068,"entropy":373,"flags":"commercial","name":"their_government_in.lnk","physical_offset":"market","physical_size":3073,"type":"evaluate","virtual_address":828,"virtual_size":3771},{"chi2":212,"entropy":3596,"flags":"sizes","name":"survey.doc","physical_offset":"engaging","physical_size":3787,"type":"tools","virtual_address":1028,"virtual_size":326},{"chi2":411,"entropy":3605,"flags":"engaging","name":"this.ppt","physical_offset":"assist","physical_size":993,"type":"market","virtual_address":3795,"virtual_size":3063}],"segments":[{"chi2":2919,"entropy":3807,"flags":"support","name":"program_invite.jpg","physical_offset":"across","physical_size":454,"type":"invite","virtual_address":3367,"virtual_size":934},{"chi2":1736,"entropy":2494,"flags":"defence","name":"security.ppt","physical_offset":"engaging","physical_size":215,"type":"also","virtual_address":218,"virtual_size":2643},{"chi2":2404,"entropy":1022,"flags":"To","name":"role.ppt","physical_offset":"website","physical_size":3201,"type":"potential","virtual_address":3556,"virtual_size":1353}],"shared_libraries":["more","Innovation","them"],"telfhash":"country"},"hash":{"md5":"e9e24c2fb993ab1978c38aaa9b0e4602","sha1":"a4b321666a78770c4e387d8ce563dac330addb55","sha256":"d870be6797c3a9efea2d9911b638ca03810851194fb05ae01a798549c6e824d8","sha384":"81d1084ae366eea5c5a3d4d23b0ce94ae8ce39931acadadf77373d4813ea8cea2915c7dadd3b00f1326247f85b7ec7fb","sha512":"cf8af5daff832bcf805b59670db34f064136b91a13372cecd2a5496603678b35fe1d63f9b6a1bb32135f0bbfe049b65df413369e2d0b78acd732b90a3a9be588","ssdeep":"68907:tHk3lk0Z4HjHaXax3GHYO53OxDGjV53r34rG9cOzvP696V:Sed7r6HN0Fn31VA00IeYPh7Ou81zlQBJy7EParPbFCzFKJ","tlsh":"work"},"pe":{"architecture":"improve","company":"Cyber","description":"evaluate","file_version":"with_for_marketplace.ppt","imphash":"complex","original_file_name":"new.pdf","pehash":"the","product":"role"}},"group":{"domain":"on.com","id":"We","name":"in_program_the.gif"},"host":{"id":"feedback","ip":["1.222.69.126","29.36.203.10"],"mac":["C3EB7D5E69D0","57C1D4033BD4"],"name":"country_survey_security.ppt","domain":"canada.com","type":"marketplace"},"http":{"request":{"body":{"bytes":1233,"content":"learn"},"bytes":1582,"id":"enhanced","method":"work","mime_type":"bringing","referrer":"is"},"response":{"body":{"bytes":1461,"content":"their"},"bytes":2487,"mime_type":"an","status_code":2245},"version":"8.1.3"},"organization":{"id":"83","name":"ITO"},"process":{"args":["promote","work","partnerships","us"],"args_count":2176,"command_line":"government","end":"2023-02-22T19:35:45.272954Z","entity_id":"LgV2LY5TlW48XPyR9wdBk","env_vars":{"key_a":"programs","key_b":"also"},"executable":"authority","exit_code":1925,"interactive":true,"name":"partners.gif","parent":[{"args":["development","companies"],"args_count":3479,"command_line":"Canada","end":"2023-03-04T07:32:03.273021Z","entity_id":"7W70TqJllCsUr1uPAzuNPg","env_vars":{"key_a":"assist"},"executable":"learn","exit_code":1204,"interactive":false,"name":"private_more.pdf","pid":1593,"same_as_process":true,"start":"2023-02-05T08:25:05.273071Z","user":{"id":"constantly","name":"cyber_stays_cutting.gif"}}],"pid":2194,"same_as_process":false,"start":"2023-03-07T11:07:43.273092Z","title":"private","uptime":2384,"user":{"id":"technical","name":"of_their_innovation.xls"},"working_directory":"the/programs/program/order/testing"},"registry":{"data":{"bytes":"certain","strings":["One"],"type":"problems"},"hive":"us","key":"complex","path":"website","value":"industry"},"related":{"hash":["levels"],"hosts":["canada.edu","industry.ca"],"ip":["252.252.148.96","149.101.251.18"],"user":["admin"],"id":"key","uri":["https://from.ca/authority/all/state","ftp://art.edu/feedback/Canada/authority/other/Build/key","http://we.biz/innovations/Canadian/private/market/art/collaborating"],"signature":["commercial","marketplace","across"]},"server":{"ip":"155.120.104.164","address":"our","domain":"canada.ca"},"source":{"address":"transition","bytes":3196,"domain":"across.com","geo":{"city_name":"private_cyber.doc","continent_code":"working","continent_name":"development_development.lnk","country_iso_code":"problems","country_name":"levels.xls","location":{"lon":3005.56,"lat":1824.25},"name":"emerging_survey.xls","postal_code":"commercial","region_iso_code":"an","region_name":"cyber_with_visit.doc","timezone":"Program"},"ip":"4.18.183.163","mac":"f4:8c:01:b3:e3:ca","nat":{"ip":"110.8.44.134","port":1301},"packets":1227,"port":3894},"threat":{"feed":{"dashboard_id":"3ycpjP6k0EHCKRxKcCYhOD","description":"our","name":"determine_innovation_bcip.gif","reference":"evaluate"},"framework":"MITRE ATT&CK","group":{"alias":["more"],"id":"Government","name":"enhanced.pdf","reference":"supports"},"indicator":{"confidence":"our","description":"Affirmative action programs.","email":{"address":"art"},"provider":"transition","reference":"collaborating","scanner_stats":2718,"sightings":3804,"ip":"117.56.215.195","type":"order","first_seen":"2023-03-02T15:42:28.273407Z","last_seen":"2023-02-10T01:52:38.273412Z"},"software":{"alias":["engaging","Canadian"],"id":"new","name":"our_build.doc","platform":["sizes","Innovation","us","selling"],"reference":"technologies","type":"partners"},"tactic":{"id":"TA0005","name":"Defense Evasion","reference":"emerging"},"technique":{"id":"T1189","name":"Drive-by Compromise","reference":"supports"}},"tls":{"version":"6.1.3","version_protocol":"4.2.6","client":{"server_name":"constantly.lnk","ja3":"goods"},"server":{"ja3s":"them"}},"url":{"domain":"cyber.biz","extension":"complex","fragment":"vendors","full":"tools","original":"promote","password":"services","path":"cyber","port":375,"query":"problems","registered_domain":"potential.edu","scheme":"an","subdomain":"laboratory.com","top_level_domain":"government.biz","username":"user"},"user":{"domain":"levels.ca","email":"in@commercial.ca","full_name":"testing.gif","group":{"domain":"environment.ca","id":"assist","name":"engaging_other_emerging.lnk"},"hash":"in","id":"selling","name":"tools","roles":["other","Canadian"]},"user_agent":{"device":{"name":"in_commercial_key.xls"},"name":"experts_potential_our.lnk","original":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_2) AppleWebKit/601.3.9 (KHTML, like Gecko) Version/9.0.2 Safari/601.3.9","os":{"family":"all","full":"tools","kernel":"experts","name":"authority_program.pdf","platform":"all","type":"To","version":"7.3.6"},"version":"8.5.3"},"vulnerability":{"category":["market"],"classification":"To","description":"order","enumeration":"technical","id":"promote","reference":"by","report_id":"4msa4hAXb2ebjwKKAofQtq"}},"7VVpyU7sEx5ZGM3dY0wip0":{"timestamp":"2023-02-16T21:46:31.435822Z","labels":{"key_a":"to","key_b":"authority","key_c":"support"},"tags":["improve"],"howler":{"id":"7VVpyU7sEx5ZGM3dY0wip0","analytic":"HERETIC","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Exfiltration","hash":"989b437b71001432bbc446a50195175e292177b8ae71a10689021952b9b36a40","related":["Canada","academia","For","technologies"],"reliability":3703.24,"severity":2641.93,"volume":1112.08,"confidence":316.46,"score":2652.26,"status":"open","scrutiny":"unseen","escalation":"alert","assessment":null,"comment":[{"id":"4Qr2Ibu7RJQM19gkZc8nq1","timestamp":"2023-02-14T21:51:30.436027Z","modified":"2023-02-25T12:05:52.436034Z","value":"Where, in proceedings under subsection (1), a court concludes that evidence was obtained in a manner that infringed or denied any rights or freedoms guaranteed by this Charter, the evidence shall be excluded if it is established that, having regard to all the circumstances, the admission of it in the proceedings would bring the administration of justice into disrepute.","user":"shawnh"},{"id":"5vuqfXfjWBMEsQA0HNq5je","timestamp":"2023-02-05T04:20:27.436066Z","modified":"2023-02-10T03:05:01.436071Z","value":"Mobility Rights.","user":"user"},{"id":"6JIuYloBWA53iJjkgFC3Cz","timestamp":"2023-02-24T08:56:02.436098Z","modified":"2023-02-23T04:39:26.436102Z","value":"A witness who testifies in any proceedings has the right not to have any incriminating evidence so given used to incriminate that witness in any other proceedings, except in a prosecution for perjury or for the giving of contradictory evidence.","user":"shawnh"},{"modified":"2023-03-10T14:55:02.431282Z","id":"1XIj3bUBpDpgYP9i17rf8S","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:02.431238Z"},{"modified":"2023-03-10T14:55:41.963325Z","id":"31w0IW1fyHm756z73xRM6d","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:41.963291Z"},{"modified":"2023-03-10T15:11:47.576291Z","id":"1jt4Ip7EJ1vf1eAJjL72ML","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:47.576226Z"},{"modified":"2023-03-10T15:12:33.489940Z","id":"3Vx8lcdY3Iri9fNeeyjQRq","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:33.489799Z"},{"modified":"2023-03-10T15:13:04.011290Z","id":"3SHskBWWVejAhQQ8Vah0k9","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:04.011218Z"},{"modified":"2023-03-10T15:13:27.652520Z","id":"5gtLDEO8ZaGpjNX8pkqwSu","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:27.652458Z"},{"modified":"2023-03-10T15:14:23.045799Z","id":"2vIJYUTCEQJR5jRvrOVaqV","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:23.045767Z"},{"modified":"2023-03-10T15:14:49.724729Z","id":"1nEIl3UaZBU5TEdxoUvciH","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:49.724604Z"},{"modified":"2023-03-10T15:19:10.257740Z","id":"rf1yKn4rKn8TDqBHZcs4w","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:10.257693Z"},{"modified":"2023-03-10T15:20:03.054201Z","id":"1lAQR34VwdDvNYuAQJJ5fK","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:03.054143Z"},{"modified":"2023-03-10T15:21:41.293298Z","id":"Z2LQrBGukIMi6VdAthvqw","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:41.293243Z"},{"modified":"2023-03-10T15:23:15.349064Z","id":"5NCcJ6dXVWEoq1FazSSekB","value":"test","user":"shawnh","timestamp":"2023-03-10T15:23:15.349012Z"},{"modified":"2023-03-10T15:26:29.955978Z","id":"5PyhMaGwBbpb3dFks87JPi","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:29.955915Z"},{"modified":"2023-03-10T15:31:02.031845Z","id":"2YJ2z836FtF8O0xdae5fnN","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:02.031810Z"},{"modified":"2023-03-10T15:34:16.529120Z","id":"5SllT3ZZ1tcRCPy8adVzrh","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:16.529061Z"},{"modified":"2023-03-10T15:40:27.379958Z","id":"6ROYA1mjtZhH3BsChEid1l","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:27.379910Z"}],"log":[{"timestamp":"2023-02-14T16:38:06.436113Z","key":"The","explanation":"The Canadian Charter of Rights and Freedoms guarantees the rights and freedoms set out in it subject only to such reasonable limits prescribed by law as can be demonstrably justified in a free and democratic society.","new_value":"certain","type":"set","previous_value":"collaborating","user":"user"},{"timestamp":"2023-02-26T19:48:31.436135Z","key":"complex","explanation":"Whose first language learned and still understood is that of the English or French linguistic minority population of the province in which they reside, or.","new_value":"of","type":"appended","previous_value":"sizes","user":"user"},{"timestamp":"2023-02-09T02:53:16.436182Z","key":"potential","explanation":"Parliament or the legislature of a province may re-enact a declaration made under subsection.","new_value":"visit","type":"set","previous_value":"improve","user":"user"},{"timestamp":"2023-02-11T01:36:12.436206Z","key":"technical","explanation":"English and French linguistic communities in New Brunswick.","new_value":"Program","type":"removed","previous_value":"technologies","user":"user"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1XIj3bUBpDpgYP9i17rf8S\\", \\"timestamp\\": \\"2023-03-10T14:55:02.431238Z\\", \\"modified\\": \\"2023-03-10T14:55:02.431282Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:02.523914Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"31w0IW1fyHm756z73xRM6d\\", \\"timestamp\\": \\"2023-03-10T14:55:41.963291Z\\", \\"modified\\": \\"2023-03-10T14:55:41.963325Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:42.032483Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1jt4Ip7EJ1vf1eAJjL72ML\\", \\"timestamp\\": \\"2023-03-10T15:11:47.576226Z\\", \\"modified\\": \\"2023-03-10T15:11:47.576291Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:47.642293Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3Vx8lcdY3Iri9fNeeyjQRq\\", \\"timestamp\\": \\"2023-03-10T15:12:33.489799Z\\", \\"modified\\": \\"2023-03-10T15:12:33.489940Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:33.582841Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3SHskBWWVejAhQQ8Vah0k9\\", \\"timestamp\\": \\"2023-03-10T15:13:04.011218Z\\", \\"modified\\": \\"2023-03-10T15:13:04.011290Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:04.092069Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5gtLDEO8ZaGpjNX8pkqwSu\\", \\"timestamp\\": \\"2023-03-10T15:13:27.652458Z\\", \\"modified\\": \\"2023-03-10T15:13:27.652520Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:27.733897Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2vIJYUTCEQJR5jRvrOVaqV\\", \\"timestamp\\": \\"2023-03-10T15:14:23.045767Z\\", \\"modified\\": \\"2023-03-10T15:14:23.045799Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:23.132696Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1nEIl3UaZBU5TEdxoUvciH\\", \\"timestamp\\": \\"2023-03-10T15:14:49.724604Z\\", \\"modified\\": \\"2023-03-10T15:14:49.724729Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:49.802671Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"rf1yKn4rKn8TDqBHZcs4w\\", \\"timestamp\\": \\"2023-03-10T15:19:10.257693Z\\", \\"modified\\": \\"2023-03-10T15:19:10.257740Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:10.345487Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1lAQR34VwdDvNYuAQJJ5fK\\", \\"timestamp\\": \\"2023-03-10T15:20:03.054143Z\\", \\"modified\\": \\"2023-03-10T15:20:03.054201Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:03.165987Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"Z2LQrBGukIMi6VdAthvqw\\", \\"timestamp\\": \\"2023-03-10T15:21:41.293243Z\\", \\"modified\\": \\"2023-03-10T15:21:41.293298Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:41.391670Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5NCcJ6dXVWEoq1FazSSekB\\", \\"timestamp\\": \\"2023-03-10T15:23:15.349012Z\\", \\"modified\\": \\"2023-03-10T15:23:15.349064Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:23:15.440254Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5PyhMaGwBbpb3dFks87JPi\\", \\"timestamp\\": \\"2023-03-10T15:26:29.955915Z\\", \\"modified\\": \\"2023-03-10T15:26:29.955978Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:30.100280Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2YJ2z836FtF8O0xdae5fnN\\", \\"timestamp\\": \\"2023-03-10T15:31:02.031810Z\\", \\"modified\\": \\"2023-03-10T15:31:02.031845Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:02.106517Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5SllT3ZZ1tcRCPy8adVzrh\\", \\"timestamp\\": \\"2023-03-10T15:34:16.529061Z\\", \\"modified\\": \\"2023-03-10T15:34:16.529120Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:16.605004Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6ROYA1mjtZhH3BsChEid1l\\", \\"timestamp\\": \\"2023-03-10T15:40:27.379910Z\\", \\"modified\\": \\"2023-03-10T15:40:27.379958Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:27.455342Z"}],"retained":"BCIP","monitored":"To","reported":"us","mitigated":"key","outline":{"threat":"219.170.73.222","target":"933da8277b3595a07da720927b06c84f.gc.ca","indicators":["sizes_participating.xls","do_participating.pdf","technologies_invite_programs.jpg","cyber.doc","one_website.doc","more_provide_promote.doc","collaborating.doc","authority_are.doc","evaluate_government.gif","canadian_website_them.lnk","selling_our_innovation.pdf","key_innovative_for.xls","for_technology.xls","of_canada.ppt","potential_levels.doc","programs_experts.ppt","stays_innovation.pdf","government_work.jpg","country_helps_canada.ppt","defence.ppt"],"summary":"Any rights or freedoms that now exist by way of land claims agreements or may be so acquired."},"labels":{"assignments":["ADS2A","ACE1C","CCID1A"],"generic":["Outlook","Super Teams","Drive","Documentation"]},"votes":{"benign":["examine","but","selling","vendors"],"obscure":["key","with","potential"],"malicious":["marketplace","participating"]},"dossier":{"key_a":"false","key_b":"70","key_c":"true","key_d":"false","key_e":"29"}},"assemblyline":{"antivirus":[{"type":"the","subtype":"us","value":"role","verdict":"suspicious"},{"type":"are","subtype":"partners","value":"assist","verdict":"info"}],"attribution":[{"type":"partners","subtype":"open","value":"Canada","verdict":"suspicious"},{"type":"the","subtype":"The","value":"problems","verdict":"suspicious"}],"behaviour":[{"type":"services","subtype":"support","value":"Build","verdict":"info"}],"domain":[{"type":"potential","subtype":"learn","value":"academia","verdict":"our"},{"type":"evaluate","subtype":"in","value":"do","verdict":"technologies"},{"type":"do","subtype":"partnerships","value":"certain","verdict":"For"},{"type":"promote","subtype":"selling","value":"problems","verdict":"an"}],"heuristic":[{"type":"tools","subtype":"provide","value":"selling","verdict":"suspicious"}],"mitre":{"tactic":[{"type":"partnerships","subtype":"testing","value":"supports","verdict":"info"},{"type":"stays","subtype":"bringing","value":"The","verdict":"malicious"},{"type":"government","subtype":"defence","value":"development","verdict":"info"},{"type":"transition","subtype":"to","value":"engaging","verdict":"suspicious"}],"technique":[{"type":"One","subtype":"country","value":"role","verdict":"suspicious"},{"type":"Cyber","subtype":"survey","value":"technologies","verdict":"info"},{"type":"do","subtype":"Government","value":"services","verdict":"info"}]},"uri":[{"type":"role","subtype":"security","value":"Program","verdict":"improve"},{"type":"partnerships","subtype":"our","value":"commercial","verdict":"in"},{"type":"technology","subtype":"provide","value":"support","verdict":"companies"},{"type":"constantly","subtype":"more","value":"Build","verdict":"technical"}],"yara":[{"type":"We","subtype":"Program","value":"with","verdict":"safe"},{"type":"stays","subtype":"edge","value":"innovation","verdict":"suspicious"},{"type":"problems","subtype":"bringing","value":"services","verdict":"malicious"}]},"agent":{"id":"across","name":"commercial.ppt","type":"technologies","version":"4.3.1"},"cbs":{"sharepoint":{"created":{"application":"engaging","user":"admin"},"modified":{"application":"defence","user":"admin"}}},"cloud":{"account":{"id":"6vbQg3tUCWFRnewLWZtPrW","name":"innovative_innovation_across.ppt"},"availability_zone":"industry","instance":{"id":"problems","name":"security_innovation.gif"},"machine":{"type":"visit"},"project":{"id":"key","name":"private_engaging_with.lnk"},"provider":"complex","region":"transition","service":{"name":"Google Docs"},"tenant_id":"eGF71kK7q9WpHbokWDbhU"},"container":{"id":"programs","image":{"hash":{"all":["companies","us","by"]},"name":"survey_programs_canada.pdf","tag":["private"]},"labels":{"key_a":"key","key_b":"partners","key_c":"of","key_d":"innovation"},"name":"for_services_key.jpg","runtime":"Centre"},"destination":{"address":"Centre","bytes":1688,"domain":"order.biz","geo":{"city_name":"testing_innovation.exe","continent_code":"open","continent_name":"cyber_companies.xls","country_iso_code":"also","country_name":"certain.doc","location":{"lon":3531.28,"lat":2006.93},"name":"we_all_one.jpg","postal_code":"goods","region_iso_code":"Innovation","region_name":"enhanced_for.exe","timezone":"academia"},"ip":"119.169.149.102","mac":"b2:90:0a:90:f1:85","nat":{"ip":"24.148.200.62","port":1285},"packets":1126,"port":2148},"dns":{"answers":[{"class":"levels","data":"new","name":"also_visit.exe","ttl":2831,"type":"innovations"},{"class":"survey","data":"Government","name":"innovations.exe","ttl":3806,"type":"our"}],"header_flags":["sizes","transition","potential"],"id":"also","op_code":"other","question":{"class":"do","name":"survey.exe","registered_domain":"supports.edu","subdomain":"improve.com","top_level_domain":"cyber.edu","type":"engaging"},"resolved_ip":["35.142.200.153","169.201.185.203"],"response_code":"them","type":"Cyber"},"ecs":{"version":"7.2.4"},"error":{"code":"services","message":"new"},"event":{"action":"levels","category":["driver","process","network"],"code":"assist","created":"2023-03-06T11:26:22.437065Z","dataset":"in","duration":1154,"end":"2023-03-09T18:40:37.437078Z","hash":"evaluate","id":"7VVpyU7sEx5ZGM3dY0wip0","ingested":"2023-03-08T18:24:36.437088Z","kind":"pipeline_error","module":"support","original":"more","outcome":"success","provider":"AssemblyLine","reason":"edge","reference":"invite","risk_score":924.47,"risk_score_norm":3460.03,"sequence":1911,"severity":3930,"start":"2023-02-23T18:00:46.437119Z","timezone":"performs","type":["error","info","indicator","group"],"url":"innovative"},"email":{"attachments":[{"file":{"extension":"BCIP","hash":{"md5":"335e2f15f71f530bfc81e1f1f4ec475a","sha1":"6f5f3bf94f01654a625891cd9fd81c8c1ff12088","sha256":"efb5466b1e47facf101aa9c74880798045a466d5d806adf83b4e785b8b05a3ed","sha384":"77a2b2c96306409fbb8a37bd9e1e6c1bd032cb1ec075202bb32574d97b8c0998f6e92058afaabcebeb7211ebc4ede2f5","sha512":"f73b7295d046a895522f18c3f3d83ca56eb54602afce0ee9abec66702705e1627b9fdc80db99651af5509b3e10c74878e7507e196d8b5f94a2f018c584a017c6","ssdeep":"9573:vglnM8w9JAwBokvO9B7zBN5jJbnO7bDRzBvnpAI1Pnz6FMGTZJw69MlLR4Rtg:pIzRNQ1iGYP4KbYLJoMseOe1f3V51bJn6EAByA4NT4tP","tlsh":"problems"},"mime_type":"all","name":"tools.jpg","size":3631}}],"bcc":{"address":"tools@order.ca"},"cc":{"address":"industry@program.biz"},"content_type":"marketplace","delivery_timestamp":"2023-03-02T14:22:54.437357Z","direction":"the","from":{"address":"edge@for.com"},"local_id":"6TL1fesNs6CCgJc1HikJM0","message_id":"2vmWNsxXeFHdXFkfVOw29h","origination_timestamp":"2023-03-05T00:09:10.437414Z","reply_to":{"address":"defence@industry.com"},"sender":{"address":"centre@provide.biz"},"subject":"learn","to":{"address":"supports@market.ca"},"x_mailer":"provide","parent":{"bcc":{"address":"learn@assist.com"},"cc":{"address":"improve@bcip.ca"},"from":{"address":"government@levels.ca"},"message_id":"277S9PNnyvyv8SKjJw1Mla","origination_timestamp":"2023-02-17T19:12:04.437471Z","subject":"more","to":{"address":"build@improve.edu"},"source":"99.93.110.6","destination":"218.174.89.134"}},"faas":{"coldstart":true,"execution":"Innovation","id":"of","name":"canadian_examine.ppt","trigger":{"request_id":"6JdhRPqv9BIjgsx88SJWMu","type":"timer"},"version":"5.0.5"},"file":{"accessed":"2023-02-04T11:03:02.437546Z","attributes":["programs"],"created":"2023-02-24T08:39:00.437557Z","ctime":"2023-02-24T22:17:03.437561Z","device":"work","directory":"private/new","drive_letter":"Build","extension":"cutting","fork_name":"technologies.ppt","gid":"goods","group":"ADMINS","inode":"centre.com","mime_type":"programs","mode":"selling","mtime":"2023-02-24T07:40:42.437601Z","name":"technologies_cyber_edge.gif","owner":"of","path":"government","size":337,"target_path":"but","type":"file","uid":"is","code_signature":{"digest_algorithm":"sha384","exists":true,"signing_id":"3BSCHYYtSJgSh57qS6rrdF","status":"emerging","subject_name":"services_about.lnk","team_id":"4j0SMfHg1qnIX40wBZY4RR","timestamp":"2023-02-13T21:32:42.437685Z","trusted":true,"valid":false},"elf":{"architecture":"laboratory","byte_order":"supports","cpu_type":"innovative","creation_date":"One","exports":["Program","defence","BCIP"],"header":{"abi_version":"8.3.3","class":"innovative","data":"bringing","entrypoint":1992,"object_version":"4.0.6","os_abi":"authority","type":"development","version":"5.4.3"},"imports":["cutting","Centre","The","Program"],"sections":[{"chi2":1271,"entropy":2738,"flags":"cyber","name":"programs_working.gif","physical_offset":"open","physical_size":1205,"type":"BCIP","virtual_address":2748,"virtual_size":3191}],"segments":[{"chi2":2308,"entropy":337,"flags":"collaborating","name":"build_art.xls","physical_offset":"technologies","physical_size":1731,"type":"development","virtual_address":3738,"virtual_size":3879},{"chi2":3217,"entropy":2921,"flags":"programs","name":"complex_selling_in.pdf","physical_offset":"services","physical_size":2928,"type":"BCIP","virtual_address":3624,"virtual_size":3336},{"chi2":2049,"entropy":1786,"flags":"helps","name":"environment_also_industry.gif","physical_offset":"determine","physical_size":1164,"type":"Centre","virtual_address":1085,"virtual_size":3590}],"shared_libraries":["constantly"],"telfhash":"supports"},"hash":{"md5":"dace33e58e1155dfdb67858a8fed8134","sha1":"6c9e66db483f400069aa25f7535c57577b3797e3","sha256":"d9c54b523d8662279de08cca010f550f24e0a4e9206b840160eac4baa4d5a1f3","sha384":"22569f45cfbf15b9fc8d56fe577304e7d2bc7c332ed562cd017430b6cba310df00c03c64ed1cfde1a38681a3117c7492","sha512":"9e356a3546c056820194f55bbdd026f932717177b19baa0bb44bad0ec4bbbb2cc567773adfc0f8dc7b7da17980c1635c266feda90f3668d06a4037e3e35ca98f","ssdeep":"2756:ynm3xIwLNGmgTuAsfnA31B8:ZNABImermN8G8H55IeUPzq","tlsh":"security"},"pe":{"architecture":"order","company":"technology","description":"environment","file_version":"canadian_tools_visit.xls","imphash":"tools","original_file_name":"to_about_their.doc","pehash":"services","product":"Canadian"}},"group":{"domain":"in.edu","id":"companies","name":"complex_testing_but.gif"},"host":{"id":"other","ip":["111.76.151.67","14.86.134.177","92.51.215.167","227.104.212.98"],"mac":["8F607B485F79","5BCB89038662","667158CE07BC","98B67854CC90"],"name":"government_private.lnk","domain":"website.ca","type":"selling"},"http":{"request":{"body":{"bytes":188,"content":"security"},"bytes":3467,"id":"Government","method":"emerging","mime_type":"selling","referrer":"Cyber"},"response":{"body":{"bytes":2012,"content":"promote"},"bytes":1222,"mime_type":"We","status_code":3268},"version":"6.0.9"},"organization":{"id":"3","name":"CED"},"process":{"args":["work","potential","us"],"args_count":743,"command_line":"Centre","end":"2023-02-26T10:02:08.438200Z","entity_id":"2Qqiykz4tp5u5yoXwslRHF","env_vars":{"key_a":"levels","key_b":"all","key_c":"services","key_d":"goods","key_e":"problems"},"executable":"assist","exit_code":755,"interactive":false,"name":"innovation_bringing_new.jpg","parent":[{"args":["sizes"],"args_count":3088,"command_line":"participating","end":"2023-03-01T05:14:21.438304Z","entity_id":"4127SZ4zaNoqQ0MAN1mSSH","env_vars":{"key_a":"open","key_b":"Canada","key_c":"We","key_d":"Program","key_e":"selling"},"executable":"in","exit_code":3497,"interactive":true,"name":"supports_experts_of.xls","pid":3194,"same_as_process":false,"start":"2023-02-04T16:43:30.438364Z","user":{"id":"this","name":"role_emerging_in.lnk"}},{"args":["from","to","private"],"args_count":1832,"command_line":"in","end":"2023-02-15T16:20:01.438394Z","entity_id":"322mlQeqUfHJfuk9NpXKsE","env_vars":{"key_a":"assist"},"executable":"Cyber","exit_code":3270,"interactive":true,"name":"sizes_bringing.xls","pid":870,"same_as_process":true,"start":"2023-02-08T07:00:40.438437Z","user":{"id":"product","name":"feedback.doc"}}],"pid":2267,"same_as_process":true,"start":"2023-03-02T14:42:51.438453Z","title":"visit","uptime":2433,"user":{"id":"but","name":"partners_is.exe"},"working_directory":"constantly/constantly/programs"},"registry":{"data":{"bytes":"with","strings":["engaging","working","invite","security"],"type":"country"},"hive":"academia","key":"also","path":"promote","value":"supports"},"related":{"hash":["is","emerging"],"hosts":["sizes.edu","participating.edu","helps.biz","more.edu"],"ip":["137.66.163.204","149.171.6.194"],"user":["admin","admin","user"],"id":"innovations","uri":["http://provide.com/country/helps/survey/invite/role/Canadian","https://supports.biz/development/us/country/levels","ftp://helps.ca/Centre/authority/across/security/promote/do","http://potential.ca/do/selling"],"signature":["potential","stays","order"]},"server":{"ip":"190.117.111.190","address":"all","domain":"private.biz"},"source":{"address":"defence","bytes":2642,"domain":"supports.ca","geo":{"city_name":"services_to_evaluate.gif","continent_code":"testing","continent_name":"the_by_about.pdf","country_iso_code":"The","country_name":"vendors_also.xls","location":{"lon":2132.75,"lat":3057.22},"name":"learn_their_selling.exe","postal_code":"Canada","region_iso_code":"emerging","region_name":"product_is.doc","timezone":"invite"},"ip":"75.227.198.32","mac":"41:26:3b:82:44:dc","nat":{"ip":"41.242.185.144","port":4021},"packets":989,"port":1500},"threat":{"feed":{"dashboard_id":"3ijJKq1LKkwvYV4pu7BmjB","description":"are","name":"website_in_product.doc","reference":"determine"},"framework":"Custom","group":{"alias":["private","commercial"],"id":"from","name":"constantly_tools.gif","reference":"technology"},"indicator":{"confidence":"industry","description":"Rights and freedoms in Canada.","email":{"address":"Government"},"provider":"promote","reference":"other","scanner_stats":1985,"sightings":3002,"ip":"5.153.24.208","type":"security","first_seen":"2023-02-07T06:55:33.439982Z","last_seen":"2023-02-11T21:46:29.439990Z"},"software":{"alias":["art"],"id":"Centre","name":"transition.lnk","platform":["Program","Government","defence","partners"],"reference":"their","type":"open"},"tactic":{"id":"TA0010","name":"Exfiltration","reference":"Canada"},"technique":{"id":"T1017","name":"Application Deployment Software","reference":"performs"}},"tls":{"version":"8.4.0","version_protocol":"6.3.8","client":{"server_name":"centre_the.doc","ja3":"Canada"},"server":{"ja3s":"more"}},"url":{"domain":"government.biz","extension":"role","fragment":"collaborating","full":"vendors","original":"with","password":"also","path":"promote","port":2333,"query":"of","registered_domain":"order.biz","scheme":"working","subdomain":"services.edu","top_level_domain":"learn.edu","username":"admin"},"user":{"domain":"improve.ca","email":"academia@art.com","full_name":"for.gif","group":{"domain":"environment.com","id":"defence","name":"bcip_is_technologies.gif"},"hash":"authority","id":"commercial","name":"by","roles":["levels","promote","key"]},"user_agent":{"device":{"name":"transition_companies.pdf"},"name":"problems_for_are.jpg","original":"Mozilla/5.0 (iPhone9,4; U; CPU iPhone OS 10_0_1 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) Version/10.0 Mobile/14A403 Safari/602.1","os":{"family":"Centre","full":"state","kernel":"determine","name":"to_visit.xls","platform":"an","type":"BCIP","version":"6.5.8"},"version":"4.1.0"},"vulnerability":{"category":["constantly","engaging","by"],"classification":"from","description":"innovations","enumeration":"new","id":"country","reference":"Innovation","report_id":"11c3WRqtOVLsW24eoMtr23"}},"4rvw0OTz1qJt8e9vjLxeJf":{"timestamp":"2023-02-07T20:27:29.670800Z","labels":{"key_a":"open","key_b":"commercial","key_c":"Centre","key_d":"goods"},"tags":["supports"],"howler":{"id":"4rvw0OTz1qJt8e9vjLxeJf","analytic":"cmt.aws.sigma.rules","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Credential Access","hash":"b0f8c8cf45c7f306b0e98d843895f51d1d69cd586a8313ce9c34fc743bd84ea2","related":["To","Build","cutting","on"],"reliability":1810.47,"severity":1803.11,"volume":3125.89,"confidence":509.27,"score":2895.73,"status":"open","scrutiny":"scanned","escalation":"hit","assessment":null,"comment":[{"id":"7Nm3vfXOWmLmoBy3dNVDtK","timestamp":"2023-03-06T23:04:48.670972Z","modified":"2023-02-06T23:09:21.670977Z","value":"Citizens of Canada.","user":"user"},{"id":"1PY319JInGpI4VZPUrm2Py","timestamp":"2023-02-12T10:55:14.671004Z","modified":"2023-02-11T08:50:20.671007Z","value":"The role of the legislature and government of New Brunswick to preserve and promote the status, rights and privileges referred to in subsection is affirmed.","user":"user"},{"id":"62vVW63RPviXnOlP1Y4thU","timestamp":"2023-02-09T20:14:02.671030Z","modified":"2023-03-01T17:14:00.671033Z","value":"Application to territories and territorial authorities.","user":"admin"},{"id":"69J2IY7LloBqsWjhTkPTmv","timestamp":"2023-02-22T09:52:52.671055Z","modified":"2023-03-07T16:11:15.671058Z","value":"Except in the case of an offence under military law tried before a military tribunal, to the benefit of trial by jury where the maximum punishment for the offence is imprisonment for five years or a more severe punishment.","user":"user"},{"modified":"2023-03-10T14:55:02.774954Z","id":"3vvEYzgmDcFHJXzZ9QeZoa","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:02.774886Z"},{"modified":"2023-03-10T14:55:42.263246Z","id":"70zOupJtzDfiwfDxDNfknh","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:42.263196Z"},{"modified":"2023-03-10T15:11:47.892387Z","id":"13D6JpKWh5pFatWqrFYdH0","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:47.892298Z"},{"modified":"2023-03-10T15:12:33.817269Z","id":"7hikCYlIVdyZ6GibPBlRZO","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:33.817237Z"},{"modified":"2023-03-10T15:13:04.340139Z","id":"nwKH1cHi0ZubpPuoAs1yz","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:04.340091Z"},{"modified":"2023-03-10T15:13:27.957936Z","id":"3xBp8PxQ9F7LNoRt0lqGfZ","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:27.957890Z"},{"modified":"2023-03-10T15:14:23.376973Z","id":"6VxkbWYIfBSEjo5R1zNBIi","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:23.376928Z"},{"modified":"2023-03-10T15:14:50.032662Z","id":"5OHbPvnWkAZFOxvlT6u2D2","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:50.032629Z"},{"modified":"2023-03-10T15:19:10.613132Z","id":"6RtusyyzTZO9dIMz4HvHvB","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:10.613087Z"},{"modified":"2023-03-10T15:20:03.445105Z","id":"7f0ZOBPlfFAAQLaaUKgsMa","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:03.445042Z"},{"modified":"2023-03-10T15:21:41.691331Z","id":"4df7HUXxewYG1eaVHkD9Bz","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:41.691276Z"},{"modified":"2023-03-10T15:23:15.693779Z","id":"49t2cI5hoLt6eV5MMlgXmV","value":"test","user":"shawnh","timestamp":"2023-03-10T15:23:15.693743Z"},{"modified":"2023-03-10T15:26:30.387737Z","id":"14zG86WrEtGPFxIkUnr4Wj","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:30.387696Z"},{"modified":"2023-03-10T15:31:02.332560Z","id":"3kqqB5fQQNwuJqPISYQDPO","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:02.332525Z"},{"modified":"2023-03-10T15:34:16.844824Z","id":"2a7Yw3jA4SffAgZRtScKWP","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:16.844786Z"},{"modified":"2023-03-10T15:40:27.685247Z","id":"6QVV4X88uFelBRk3ZhL4LX","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:27.685211Z"}],"log":[{"timestamp":"2023-02-18T18:44:42.671067Z","key":"problems","explanation":"Any laws or practices of general application in force in a province other than those that discriminate among persons primarily on the basis of province of present or previous residence.","new_value":"open","type":"appended","previous_value":"marketplace","user":"user"},{"timestamp":"2023-03-03T00:43:07.671086Z","key":"innovative","explanation":"English and French linguistic communities in New Brunswick.","new_value":"One","type":"removed","previous_value":"vendors","user":"admin"},{"timestamp":"2023-02-24T06:27:31.671102Z","key":"environment","explanation":"Arrest or detention.","new_value":"evaluate","type":"removed","previous_value":"BCIP","user":"user"},{"timestamp":"2023-02-06T10:12:24.671117Z","key":"learn","explanation":"Not to be denied reasonable bail without just cause.","new_value":"goods","type":"appended","previous_value":"the","user":"admin"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3vvEYzgmDcFHJXzZ9QeZoa\\", \\"timestamp\\": \\"2023-03-10T14:55:02.774886Z\\", \\"modified\\": \\"2023-03-10T14:55:02.774954Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:02.858948Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"70zOupJtzDfiwfDxDNfknh\\", \\"timestamp\\": \\"2023-03-10T14:55:42.263196Z\\", \\"modified\\": \\"2023-03-10T14:55:42.263246Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:42.337918Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"13D6JpKWh5pFatWqrFYdH0\\", \\"timestamp\\": \\"2023-03-10T15:11:47.892298Z\\", \\"modified\\": \\"2023-03-10T15:11:47.892387Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:47.975380Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7hikCYlIVdyZ6GibPBlRZO\\", \\"timestamp\\": \\"2023-03-10T15:12:33.817237Z\\", \\"modified\\": \\"2023-03-10T15:12:33.817269Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:33.889787Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"nwKH1cHi0ZubpPuoAs1yz\\", \\"timestamp\\": \\"2023-03-10T15:13:04.340091Z\\", \\"modified\\": \\"2023-03-10T15:13:04.340139Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:04.426787Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3xBp8PxQ9F7LNoRt0lqGfZ\\", \\"timestamp\\": \\"2023-03-10T15:13:27.957890Z\\", \\"modified\\": \\"2023-03-10T15:13:27.957936Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:28.037032Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6VxkbWYIfBSEjo5R1zNBIi\\", \\"timestamp\\": \\"2023-03-10T15:14:23.376928Z\\", \\"modified\\": \\"2023-03-10T15:14:23.376973Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:23.450370Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5OHbPvnWkAZFOxvlT6u2D2\\", \\"timestamp\\": \\"2023-03-10T15:14:50.032629Z\\", \\"modified\\": \\"2023-03-10T15:14:50.032662Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:50.101742Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6RtusyyzTZO9dIMz4HvHvB\\", \\"timestamp\\": \\"2023-03-10T15:19:10.613087Z\\", \\"modified\\": \\"2023-03-10T15:19:10.613132Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:10.732303Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7f0ZOBPlfFAAQLaaUKgsMa\\", \\"timestamp\\": \\"2023-03-10T15:20:03.445042Z\\", \\"modified\\": \\"2023-03-10T15:20:03.445105Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:03.568049Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4df7HUXxewYG1eaVHkD9Bz\\", \\"timestamp\\": \\"2023-03-10T15:21:41.691276Z\\", \\"modified\\": \\"2023-03-10T15:21:41.691331Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:41.779754Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"49t2cI5hoLt6eV5MMlgXmV\\", \\"timestamp\\": \\"2023-03-10T15:23:15.693743Z\\", \\"modified\\": \\"2023-03-10T15:23:15.693779Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:23:15.798431Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"14zG86WrEtGPFxIkUnr4Wj\\", \\"timestamp\\": \\"2023-03-10T15:26:30.387696Z\\", \\"modified\\": \\"2023-03-10T15:26:30.387737Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:30.506862Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3kqqB5fQQNwuJqPISYQDPO\\", \\"timestamp\\": \\"2023-03-10T15:31:02.332525Z\\", \\"modified\\": \\"2023-03-10T15:31:02.332560Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:02.403474Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2a7Yw3jA4SffAgZRtScKWP\\", \\"timestamp\\": \\"2023-03-10T15:34:16.844786Z\\", \\"modified\\": \\"2023-03-10T15:34:16.844824Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:16.914914Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6QVV4X88uFelBRk3ZhL4LX\\", \\"timestamp\\": \\"2023-03-10T15:40:27.685211Z\\", \\"modified\\": \\"2023-03-10T15:40:27.685247Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:27.772246Z"}],"retained":"do","monitored":"also","reported":"website","mitigated":"new","outline":{"threat":"178.189.163.198","target":"to.biz","indicators":["collaborating_program_but.gif","engaging_program.doc","the.xls","more_also_to.doc","open.exe","learn_other_bringing.exe","companies.doc","marketplace.xls","the_companies.xls","sizes_art_determine.exe","us.xls","canadian.jpg","an_evaluate.jpg","state.ppt","order.lnk","innovative_role_open.exe","stays_academia.doc","testing.doc","with_this_is.jpg"],"summary":"Legal Rights."},"labels":{"assignments":["ACE1C","ADS4B","APA1B"],"generic":["Danger","Super Teams","Outlook"]},"votes":{"benign":["order","experts","with"],"obscure":["our"],"malicious":["product","our","invite"]},"dossier":{"key_a":"provide","key_b":"false","key_c":"new"}},"assemblyline":{"antivirus":[{"type":"website","subtype":"improve","value":"is","verdict":"suspicious"},{"type":"assist","subtype":"more","value":"innovative","verdict":"suspicious"},{"type":"potential","subtype":"edge","value":"an","verdict":"suspicious"}],"attribution":[{"type":"emerging","subtype":"market","value":"services","verdict":"malicious"}],"behaviour":[{"type":"partnerships","subtype":"potential","value":"invite","verdict":"safe"}],"domain":[{"type":"work","subtype":"working","value":"website","verdict":"also"},{"type":"collaborating","subtype":"goods","value":"marketplace","verdict":"all"},{"type":"technologies","subtype":"art","value":"selling","verdict":"supports"}],"heuristic":[{"type":"but","subtype":"in","value":"new","verdict":"malicious"},{"type":"laboratory","subtype":"We","value":"commercial","verdict":"info"}],"mitre":{"tactic":[{"type":"to","subtype":"authority","value":"services","verdict":"safe"},{"type":"are","subtype":"private","value":"security","verdict":"malicious"}],"technique":[{"type":"laboratory","subtype":"in","value":"sizes","verdict":"suspicious"},{"type":"more","subtype":"technical","value":"with","verdict":"info"},{"type":"Canadian","subtype":"this","value":"Canada","verdict":"suspicious"}]},"uri":[{"type":"art","subtype":"security","value":"all","verdict":"marketplace"},{"type":"constantly","subtype":"art","value":"role","verdict":"evaluate"},{"type":"on","subtype":"this","value":"selling","verdict":"order"}],"yara":[{"type":"role","subtype":"are","value":"invite","verdict":"malicious"},{"type":"transition","subtype":"role","value":"The","verdict":"suspicious"}]},"agent":{"id":"on","name":"innovation_also_laboratory.doc","type":"new","version":"7.2.6"},"cbs":{"sharepoint":{"created":{"application":"about","user":"user"},"modified":{"application":"BCIP","user":"admin"}}},"cloud":{"account":{"id":"6LAZ1m3egzhkTikPsiDhLi","name":"open.gif"},"availability_zone":"innovations","instance":{"id":"promote","name":"but.ppt"},"machine":{"type":"academia"},"project":{"id":"assist","name":"potential_helps.lnk"},"provider":"technical","region":"performs","service":{"name":"Office365"},"tenant_id":"1ZNrgG9ZbzpAyheteslSn1"},"container":{"id":"open","image":{"hash":{"all":["goods","experts","art","improve"]},"name":"stays_security.doc","tag":["product","partnerships"]},"labels":{"key_a":"from","key_b":"of","key_c":"One","key_d":"marketplace","key_e":"experts"},"name":"the_transition.gif","runtime":"assist"},"destination":{"address":"companies","bytes":729,"domain":"certain.biz","geo":{"city_name":"enhanced.gif","continent_code":"Canadian","continent_name":"laboratory_government_technology.doc","country_iso_code":"potential","country_name":"about.xls","location":{"lon":3945.95,"lat":1048.37},"name":"order_do_in.lnk","postal_code":"Cyber","region_iso_code":"determine","region_name":"vendors_collaborating.jpg","timezone":"To"},"ip":"185.4.34.133","mac":"51:53:7b:24:47:7a","nat":{"ip":"122.81.22.40","port":685},"packets":3176,"port":537},"dns":{"answers":[{"class":"certain","data":"commercial","name":"security_problems_government.exe","ttl":3509,"type":"testing"},{"class":"For","data":"Innovation","name":"stays.pdf","ttl":3491,"type":"new"}],"header_flags":["government","Cyber","vendors"],"id":"new","op_code":"our","question":{"class":"new","name":"all.xls","registered_domain":"the.edu","subdomain":"for.biz","top_level_domain":"us.edu","type":"participating"},"resolved_ip":["106.199.24.134"],"response_code":"To","type":"constantly"},"ecs":{"version":"6.5.6"},"error":{"code":"by","message":"Program"},"event":{"action":"defence","category":["session","authentication","session"],"code":"all","created":"2023-03-06T07:02:01.671770Z","dataset":"innovative","duration":2866,"end":"2023-02-25T18:43:07.671780Z","hash":"invite","id":"4rvw0OTz1qJt8e9vjLxeJf","ingested":"2023-02-12T14:42:20.671787Z","kind":"signal","module":"helps","original":"Build","outcome":"failure","provider":"HBS","reason":"authority","reference":"goods","risk_score":3547.15,"risk_score_norm":2204.29,"sequence":1083,"severity":3228,"start":"2023-02-22T01:05:41.671814Z","timezone":"transition","type":["connection","group","user","indicator"],"url":"tools"},"email":{"attachments":[{"file":{"extension":"innovative","hash":{"md5":"d244d166711eb965230fd98697b7c60a","sha1":"6bf2908a5620cabe2848b979a9e882220fbba277","sha256":"5863f61d545df3935f17d2952b135bf6bc63ef918c45c46ba39e2fae870a08b2","sha384":"8a1abe3f2f6a9b06a7f9af523b568c3cc73c2af2acc571a9f702e94e3845f5f743db60fd46a8598cbbf7d6d7401eebd7","sha512":"09d020799ddc1436d754e4152511b94d2eb624d725edcdae06bdbeb2d8764c37f25e4db6760c26307a7e9a74bb4369247244c3874472574f653b68712c796092","ssdeep":"60697:6uzeDwmq6GKJF4wvCC7rC2M7x8EwKu:u2IoAUZduQ4e9fuoGwgTSw86IsssBZV1KGPPlS5MSIXCuIzRMFh","tlsh":"environment"},"mime_type":"to","name":"all_selling_tools.lnk","size":2563}},{"file":{"extension":"cutting","hash":{"md5":"debf6566e0374d56eba56cb30a5e69d3","sha1":"03cf7b113d6e17d38eac38200a874d7a1d0d8a61","sha256":"a3f6fc77fb04b3344e381f1a64df3c5fb9c6d17d6d542f45c235235aa7bcaaed","sha384":"fcc7f92cd279a25409b25ba895779dbdca103521f618c04eaa8f251ab3e8e74f5938273794af070c3136359219ba14d8","sha512":"eb9c513f68063502963800bb28e206ca66f56a878885f7e2ff271890a39936866f7b5e577a92135c9c05f2d6ad4deae168b1152ce12a8e28d3be7fb766419afb","ssdeep":"54325:THgIxoi6aqJ8qvk5Urep3s3myOqgL3hAP5:vqeY2trJaG2G03zAUp5LwofC7e9Q5RDf4Fpa4GxXH8n","tlsh":"our"},"mime_type":"emerging","name":"testing_emerging.jpg","size":3276}}],"bcc":{"address":"bringing@bringing.biz"},"cc":{"address":"market@certain.edu"},"content_type":"the","delivery_timestamp":"2023-02-12T02:37:25.672158Z","direction":"testing","from":{"address":"cyber@we.ca"},"local_id":"4PPaHwgmUfchSGSmEVKMfn","message_id":"4BiivHo3XIB7GLubO1h3Fj","origination_timestamp":"2023-02-12T02:42:35.672206Z","reply_to":{"address":"certain@cyber.ca"},"sender":{"address":"canada@open.edu"},"subject":"cutting","to":{"address":"innovative@key.edu"},"x_mailer":"transition","parent":{"bcc":{"address":"the@goods.com"},"cc":{"address":"testing@also.ca"},"from":{"address":"about@we.edu"},"message_id":"5ucn9pcfsNTVqLOI0o7hFu","origination_timestamp":"2023-03-08T06:01:49.672278Z","subject":"environment","to":{"address":"feedback@environment.ca"},"source":"57.148.89.111","destination":"18.119.53.117"}},"faas":{"coldstart":false,"execution":"of","id":"academia","name":"cutting_canada_examine.xls","trigger":{"request_id":"1Sgx6tU8atMXObKVlB6gIB","type":"timer"},"version":"4.2.6"},"file":{"accessed":"2023-02-25T09:01:46.672356Z","attributes":["about","also","innovations"],"created":"2023-02-22T20:39:30.672370Z","ctime":"2023-02-19T07:40:52.672373Z","device":"transition","directory":"product/bringing","drive_letter":"technical","extension":"work","fork_name":"with_in.xls","gid":"levels","group":"ANALYSTS","inode":"in.biz","mime_type":"cutting","mode":"marketplace","mtime":"2023-02-20T10:39:41.672406Z","name":"open_support.exe","owner":"certain","path":"companies","size":401,"target_path":"stays","type":"symlink","uid":"art","code_signature":{"digest_algorithm":"sha1","exists":true,"signing_id":"5G0FWQGcURvswiheBcSxFf","status":"BCIP","subject_name":"marketplace_helps_promote.exe","team_id":"7cGQHMWqD67flUe9PSWaLO","timestamp":"2023-02-16T09:35:59.672477Z","trusted":false,"valid":false},"elf":{"architecture":"tools","byte_order":"testing","cpu_type":"tools","creation_date":"certain","exports":["Canada","edge"],"header":{"abi_version":"4.2.6","class":"about","data":"other","entrypoint":2972,"object_version":"7.5.8","os_abi":"do","type":"Government","version":"4.3.5"},"imports":["cutting"],"sections":[{"chi2":4084,"entropy":728,"flags":"problems","name":"program_state_we.pdf","physical_offset":"engaging","physical_size":1337,"type":"all","virtual_address":1227,"virtual_size":2810}],"segments":[{"chi2":2838,"entropy":1587,"flags":"art","name":"cyber_learn.ppt","physical_offset":"The","physical_size":147,"type":"selling","virtual_address":3427,"virtual_size":3438},{"chi2":853,"entropy":2624,"flags":"state","name":"on.lnk","physical_offset":"also","physical_size":1437,"type":"on","virtual_address":1506,"virtual_size":853},{"chi2":799,"entropy":3939,"flags":"innovative","name":"development_centre_build.jpg","physical_offset":"the","physical_size":1215,"type":"technical","virtual_address":1682,"virtual_size":854},{"chi2":2983,"entropy":3949,"flags":"programs","name":"examine_working.exe","physical_offset":"sizes","physical_size":3684,"type":"open","virtual_address":2586,"virtual_size":1513}],"shared_libraries":["new","open"],"telfhash":"certain"},"hash":{"md5":"fd0acfd801f19f94d3475e590a2d950f","sha1":"800f022c3ca0ef7a16655ba9e189cc97d61fd211","sha256":"d3854d02e5c80c87bea3d432231f02f2394bd7b00505d8b1ba117ec6bc8bc755","sha384":"f8f21ff2179e13bba5537e5e48f56fd820ec7294aa9f1d6cd42b893f109275d5c798c5e30b74f3f9194f52443f75fff4","sha512":"c53a36c812aa8521697d891d9590573c996ad09e5eef92692f363dc3c8fd1fe05b70a6ffc78487bd95eae0e4296216e93902e453d7dbc3f5ec9ed5649666e061","ssdeep":"2494:lLpIe8ayPcz5shw4xEUUhAmo4m3fdO8SUIw2:OMiRp9egVl3PyRYPAtDRFm0XRP","tlsh":"more"},"pe":{"architecture":"our","company":"complex","description":"technologies","file_version":"to_experts.pdf","imphash":"new","original_file_name":"innovations.xls","pehash":"evaluate","product":"Build"}},"group":{"domain":"constantly.biz","id":"also","name":"engaging_build_but.ppt"},"host":{"id":"potential","ip":["214.46.242.236","202.81.230.134","121.212.21.12","79.90.253.157"],"mac":["609BB1C79C55"],"name":"innovation.doc","domain":"potential.ca","type":"Centre"},"http":{"request":{"body":{"bytes":3971,"content":"goods"},"bytes":2849,"id":"security","method":"defence","mime_type":"academia","referrer":"performs"},"response":{"body":{"bytes":1068,"content":"on"},"bytes":2999,"mime_type":"companies","status_code":3441},"version":"7.1.7"},"organization":{"id":"92","name":"OCI"},"process":{"args":["complex","bringing","laboratory"],"args_count":1867,"command_line":"us","end":"2023-02-20T14:21:36.672968Z","entity_id":"2DLlE0jUtjVqQ7ZAlBRvzt","env_vars":{"key_a":"problems","key_b":"innovation","key_c":"our"},"executable":"by","exit_code":1467,"interactive":false,"name":"determine_selling.xls","parent":[{"args":["product"],"args_count":3268,"command_line":"participating","end":"2023-02-04T01:03:08.673032Z","entity_id":"ylwWEGAUjZsOVkO1ywJzX","env_vars":{"key_a":"market","key_b":"evaluate","key_c":"with","key_d":"tools","key_e":"commercial"},"executable":"helps","exit_code":2802,"interactive":true,"name":"support_bringing.gif","pid":3566,"same_as_process":false,"start":"2023-02-20T18:38:55.673097Z","user":{"id":"survey","name":"engaging_engaging_sizes.xls"}},{"args":["One","development"],"args_count":2912,"command_line":"product","end":"2023-02-09T07:01:25.673121Z","entity_id":"6g2VJweEpKgqngYCfv4vrB","env_vars":{"key_a":"determine","key_b":"participating","key_c":"do","key_d":"levels"},"executable":"academia","exit_code":3248,"interactive":true,"name":"stays_laboratory.gif","pid":1963,"same_as_process":true,"start":"2023-02-27T15:55:53.673166Z","user":{"id":"To","name":"us_private.ppt"}},{"args":["learn","do","security","technology"],"args_count":889,"command_line":"Centre","end":"2023-03-03T22:56:06.673192Z","entity_id":"q9NBYEyCDly9Dzpq0ECcn","env_vars":{"key_a":"working"},"executable":"by","exit_code":785,"interactive":true,"name":"complex_but.gif","pid":1413,"same_as_process":true,"start":"2023-02-04T06:17:43.673230Z","user":{"id":"evaluate","name":"technologies_constantly_academia.ppt"}}],"pid":2256,"same_as_process":false,"start":"2023-02-13T10:34:43.673246Z","title":"more","uptime":1946,"user":{"id":"cyber","name":"the.exe"},"working_directory":"determine/innovation/this/the"},"registry":{"data":{"bytes":"working","strings":["is","art"],"type":"security"},"hive":"development","key":"also","path":"are","value":"technologies"},"related":{"hash":["marketplace","new"],"hosts":["program.edu","by.com","innovation.ca","of.com"],"ip":["143.208.184.177"],"user":["user","admin","admin"],"id":"Program","uri":["ftp://collaborating.biz/problems/new/on/Government/Cyber","https://centre.ca/environment/learn/their"],"signature":["bringing"]},"server":{"ip":"113.66.239.149","address":"levels","domain":"website.biz"},"source":{"address":"experts","bytes":1058,"domain":"experts.com","geo":{"city_name":"experts_selling_authority.lnk","continent_code":"BCIP","continent_name":"build.doc","country_iso_code":"sizes","country_name":"the_government_order.exe","location":{"lon":1707.66,"lat":1830.38},"name":"do_by_feedback.ppt","postal_code":"security","region_iso_code":"with","region_name":"canada_determine_development.doc","timezone":"experts"},"ip":"209.175.217.133","mac":"6b:47:89:11:eb:50","nat":{"ip":"249.198.133.10","port":1343},"packets":3174,"port":205},"threat":{"feed":{"dashboard_id":"5IdQZId7gQtHn9Gcr7jeRn","description":"an","name":"program_role_country.xls","reference":"of"},"framework":"MITRE ATT&CK","group":{"alias":["services","our","edge","technologies"],"id":"promote","name":"promote_determine.doc","reference":"levels"},"indicator":{"confidence":"state","description":"Legislative powers not extended.","email":{"address":"to"},"provider":"Government","reference":"levels","scanner_stats":313,"sightings":3670,"ip":"106.97.52.142","type":"them","first_seen":"2023-02-23T15:05:54.673551Z","last_seen":"2023-03-01T12:11:26.673555Z"},"software":{"alias":["security","To","performs","security"],"id":"art","name":"their.gif","platform":["with","innovation"],"reference":"constantly","type":"on"},"tactic":{"id":"TA0006","name":"Credential Access","reference":"goods"},"technique":{"id":"T1566.001","name":"Spearphishing Attachment","reference":"technology"}},"tls":{"version":"8.5.8","version_protocol":"4.4.8","client":{"server_name":"but_innovative_work.lnk","ja3":"Build"},"server":{"ja3s":"private"}},"url":{"domain":"cutting.edu","extension":"other","fragment":"transition","full":"with","original":"do","password":"open","path":"assist","port":3930,"query":"state","registered_domain":"private.biz","scheme":"visit","subdomain":"security.ca","top_level_domain":"companies.ca","username":"admin"},"user":{"domain":"are.biz","email":"companies@cutting.edu","full_name":"new_technologies.lnk","group":{"domain":"laboratory.edu","id":"problems","name":"goods_technologies.lnk"},"hash":"learn","id":"Government","name":"with","roles":["this","more","to","on"]},"user_agent":{"device":{"name":"performs_other.exe"},"name":"an_art_collaborating.ppt","original":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.46","os":{"family":"across","full":"survey","kernel":"bringing","name":"we_website.jpg","platform":"open","type":"also","version":"5.2.0"},"version":"5.2.9"},"vulnerability":{"category":["from","new"],"classification":"innovative","description":"authority","enumeration":"testing","id":"more","reference":"industry","report_id":"6lvhATFn2SbRNiBHvRfTcB"}},"4iC051nrNOeZT6SuIDCpzw":{"timestamp":"2023-02-08T22:54:32.285377Z","labels":{"key_a":"role","key_b":"support","key_c":"in","key_d":"market","key_e":"vendors"},"tags":["learn","supports","environment"],"howler":{"id":"4iC051nrNOeZT6SuIDCpzw","analytic":"HERETIC","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Lateral Movement","hash":"894b0a42ef13043e0d80c9f7b9d89fcf93fc7b87f27aabd40d80150cf3fc9f3f","related":["transition","The","certain","open"],"reliability":206.31,"severity":1384.68,"volume":3122.12,"confidence":527.4,"score":406.02,"status":"open","scrutiny":"investigated","escalation":"hit","assessment":null,"comment":[{"id":"1dQAwdI2QsYJS8xynsmnea","timestamp":"2023-02-19T03:17:40.285673Z","modified":"2023-02-15T07:29:49.285680Z","value":"The rights specified in subsection are subject to.","user":"shawnh"},{"id":"6hNo9JylHepT5bVQIOeTiW","timestamp":"2023-02-22T12:24:14.285708Z","modified":"2023-02-27T14:05:10.285712Z","value":"Continuation in special circumstances.","user":"shawnh"},{"id":"3Xx5YlQwdeWxLZEBHtXgqK","timestamp":"2023-03-07T08:10:48.285737Z","modified":"2023-02-20T11:25:09.285740Z","value":"New Brunswick statutes and records.","user":"admin"},{"modified":"2023-03-10T14:55:03.130728Z","id":"1D2WR7wKAdnXWQetaA6lRq","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:03.130691Z"},{"modified":"2023-03-10T14:55:42.557633Z","id":"7Q6ilijconTJwnc57CuDB2","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:42.557599Z"},{"modified":"2023-03-10T15:11:48.211820Z","id":"1sPrIHVVuOdIX127n5yzZ5","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:48.211779Z"},{"modified":"2023-03-10T15:12:34.133159Z","id":"14sjaIoc29FLkQEtXdfRNC","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:34.133118Z"},{"modified":"2023-03-10T15:13:04.660887Z","id":"1q5faszmgpEvSszoFKKi6M","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:04.660850Z"},{"modified":"2023-03-10T15:13:28.274154Z","id":"1BaA37rVOa8aKTxJCHyod2","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:28.274118Z"},{"modified":"2023-03-10T15:14:23.664843Z","id":"2bx0ZlDkMOAEDm8zf4hOOK","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:23.664808Z"},{"modified":"2023-03-10T15:14:50.317311Z","id":"5n1S9vdgA8PZzsZ42M0jf0","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:50.317278Z"},{"modified":"2023-03-10T15:19:10.990054Z","id":"6rpyboDRP6lNiupElgf5hH","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:10.989995Z"},{"modified":"2023-03-10T15:20:03.851706Z","id":"6GpFsf14VAjS10shKcOa3q","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:03.851663Z"},{"modified":"2023-03-10T15:21:42.058354Z","id":"75NvtQ2DN361jr7nHhegOC","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:42.058274Z"},{"modified":"2023-03-10T15:23:16.067422Z","id":"4Jq78TeCzZCekbi4W4WrfU","value":"test","user":"shawnh","timestamp":"2023-03-10T15:23:16.067369Z"},{"modified":"2023-03-10T15:26:30.844087Z","id":"1f6H52eKl3bm7l0b2TykGT","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:30.844035Z"},{"modified":"2023-03-10T15:31:02.636216Z","id":"4Tq0RaDGYKdj4DlHi4eNlL","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:02.636176Z"},{"modified":"2023-03-10T15:34:17.148590Z","id":"7FhqRfB0KPWjTUOxR5Mkn7","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:17.148553Z"},{"modified":"2023-03-10T15:40:27.997450Z","id":"23PkMIIJcbhonKRWnwHqiw","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:27.997410Z"}],"log":[{"timestamp":"2023-02-08T11:51:32.285750Z","key":"examine","explanation":"Legislative powers not extended.","new_value":"to","type":"appended","previous_value":"private","user":"admin"},{"timestamp":"2023-02-25T07:40:03.285770Z","key":"our","explanation":"Any laws providing for reasonable residency requirements as a qualification for the receipt of publicly provided social services.","new_value":"in","type":"removed","previous_value":"environment","user":"admin"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1D2WR7wKAdnXWQetaA6lRq\\", \\"timestamp\\": \\"2023-03-10T14:55:03.130691Z\\", \\"modified\\": \\"2023-03-10T14:55:03.130728Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:03.222434Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7Q6ilijconTJwnc57CuDB2\\", \\"timestamp\\": \\"2023-03-10T14:55:42.557599Z\\", \\"modified\\": \\"2023-03-10T14:55:42.557633Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:42.629635Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1sPrIHVVuOdIX127n5yzZ5\\", \\"timestamp\\": \\"2023-03-10T15:11:48.211779Z\\", \\"modified\\": \\"2023-03-10T15:11:48.211820Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:48.282486Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"14sjaIoc29FLkQEtXdfRNC\\", \\"timestamp\\": \\"2023-03-10T15:12:34.133118Z\\", \\"modified\\": \\"2023-03-10T15:12:34.133159Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:34.207757Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1q5faszmgpEvSszoFKKi6M\\", \\"timestamp\\": \\"2023-03-10T15:13:04.660850Z\\", \\"modified\\": \\"2023-03-10T15:13:04.660887Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:04.738431Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1BaA37rVOa8aKTxJCHyod2\\", \\"timestamp\\": \\"2023-03-10T15:13:28.274118Z\\", \\"modified\\": \\"2023-03-10T15:13:28.274154Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:28.344569Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2bx0ZlDkMOAEDm8zf4hOOK\\", \\"timestamp\\": \\"2023-03-10T15:14:23.664808Z\\", \\"modified\\": \\"2023-03-10T15:14:23.664843Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:23.734645Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5n1S9vdgA8PZzsZ42M0jf0\\", \\"timestamp\\": \\"2023-03-10T15:14:50.317278Z\\", \\"modified\\": \\"2023-03-10T15:14:50.317311Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:50.385403Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6rpyboDRP6lNiupElgf5hH\\", \\"timestamp\\": \\"2023-03-10T15:19:10.989995Z\\", \\"modified\\": \\"2023-03-10T15:19:10.990054Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:11.079839Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6GpFsf14VAjS10shKcOa3q\\", \\"timestamp\\": \\"2023-03-10T15:20:03.851663Z\\", \\"modified\\": \\"2023-03-10T15:20:03.851706Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:03.950084Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"75NvtQ2DN361jr7nHhegOC\\", \\"timestamp\\": \\"2023-03-10T15:21:42.058274Z\\", \\"modified\\": \\"2023-03-10T15:21:42.058354Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:42.177113Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4Jq78TeCzZCekbi4W4WrfU\\", \\"timestamp\\": \\"2023-03-10T15:23:16.067369Z\\", \\"modified\\": \\"2023-03-10T15:23:16.067422Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:23:16.151271Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1f6H52eKl3bm7l0b2TykGT\\", \\"timestamp\\": \\"2023-03-10T15:26:30.844035Z\\", \\"modified\\": \\"2023-03-10T15:26:30.844087Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:30.929944Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4Tq0RaDGYKdj4DlHi4eNlL\\", \\"timestamp\\": \\"2023-03-10T15:31:02.636176Z\\", \\"modified\\": \\"2023-03-10T15:31:02.636216Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:02.712070Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7FhqRfB0KPWjTUOxR5Mkn7\\", \\"timestamp\\": \\"2023-03-10T15:34:17.148553Z\\", \\"modified\\": \\"2023-03-10T15:34:17.148590Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:17.216964Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"23PkMIIJcbhonKRWnwHqiw\\", \\"timestamp\\": \\"2023-03-10T15:40:27.997410Z\\", \\"modified\\": \\"2023-03-10T15:40:27.997450Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:28.064489Z"}],"retained":"cutting","monitored":"performs","reported":"BCIP","mitigated":"evaluate","outline":{"threat":"188.29.18.183","target":"do.com","indicators":["industry_participating_build.jpg","certain.ppt","their.jpg","laboratory_development.ppt"],"summary":"Aboriginal rights and freedoms not affected by Charter."},"labels":{"assignments":["APA1B"],"generic":["Super Teams"]},"votes":{"benign":["an","Centre"],"obscure":["bringing","them"],"malicious":["Cyber","evaluate","marketplace","levels"]},"dossier":{"key_a":"false","key_b":"false","key_c":"do"}},"assemblyline":{"antivirus":[{"type":"engaging","subtype":"partners","value":"security","verdict":"info"},{"type":"are","subtype":"government","value":"laboratory","verdict":"info"},{"type":"Cyber","subtype":"Centre","value":"goods","verdict":"safe"}],"attribution":[{"type":"private","subtype":"across","value":"the","verdict":"safe"},{"type":"feedback","subtype":"BCIP","value":"tools","verdict":"info"}],"behaviour":[{"type":"do","subtype":"marketplace","value":"order","verdict":"suspicious"}],"domain":[{"type":"key","subtype":"constantly","value":"improve","verdict":"innovation"},{"type":"assist","subtype":"Program","value":"BCIP","verdict":"We"}],"heuristic":[{"type":"visit","subtype":"private","value":"One","verdict":"info"},{"type":"academia","subtype":"our","value":"Build","verdict":"safe"},{"type":"constantly","subtype":"Centre","value":"cyber","verdict":"malicious"},{"type":"on","subtype":"innovation","value":"cutting","verdict":"suspicious"}],"mitre":{"tactic":[{"type":"authority","subtype":"is","value":"academia","verdict":"info"}],"technique":[{"type":"transition","subtype":"to","value":"promote","verdict":"suspicious"},{"type":"visit","subtype":"programs","value":"of","verdict":"malicious"},{"type":"Cyber","subtype":"technologies","value":"cutting","verdict":"info"},{"type":"more","subtype":"development","value":"Government","verdict":"suspicious"}]},"uri":[{"type":"support","subtype":"enhanced","value":"security","verdict":"across"}],"yara":[{"type":"key","subtype":"Build","value":"complex","verdict":"safe"},{"type":"feedback","subtype":"partners","value":"evaluate","verdict":"malicious"},{"type":"enhanced","subtype":"engaging","value":"industry","verdict":"safe"}]},"agent":{"id":"do","name":"commercial.jpg","type":"invite","version":"8.3.0"},"cbs":{"sharepoint":{"created":{"application":"examine","user":"admin"},"modified":{"application":"role","user":"user"}}},"cloud":{"account":{"id":"1wBEPmAOKHQt1bg970579m","name":"country_authority.exe"},"availability_zone":"Build","instance":{"id":"all","name":"industry_but.jpg"},"machine":{"type":"product"},"project":{"id":"performs","name":"one_helps.pdf"},"provider":"environment","region":"companies","service":{"name":"Google Drive"},"tenant_id":"23pkpOvpFVHgeV6hU9wjO7"},"container":{"id":"product","image":{"hash":{"all":["technical","transition"]},"name":"their.pdf","tag":["visit"]},"labels":{"key_a":"are","key_b":"partners","key_c":"open"},"name":"canada.lnk","runtime":"Government"},"destination":{"address":"stays","bytes":3325,"domain":"problems.com","geo":{"city_name":"problems_problems_our.gif","continent_code":"art","continent_name":"from_testing_key.xls","country_iso_code":"technical","country_name":"of_complex.gif","location":{"lon":942.38,"lat":1631.95},"name":"website_promote_all.xls","postal_code":"supports","region_iso_code":"are","region_name":"performs_do.pdf","timezone":"innovations"},"ip":"250.205.127.132","mac":"e2:cf:ab:11:ee:9b","nat":{"ip":"15.238.202.193","port":206},"packets":1020,"port":3655},"dns":{"answers":[{"class":"do","data":"role","name":"certain_also_art.jpg","ttl":138,"type":"Innovation"},{"class":"partnerships","data":"commercial","name":"across.exe","ttl":1294,"type":"of"},{"class":"industry","data":"them","name":"cyber_working_innovation.pdf","ttl":3957,"type":"assist"}],"header_flags":["is","other"],"id":"art","op_code":"Canadian","question":{"class":"Build","name":"performs_support.ppt","registered_domain":"private.com","subdomain":"about.ca","top_level_domain":"are.biz","type":"vendors"},"resolved_ip":["112.169.208.67","233.152.67.104","169.190.245.204","121.115.17.242"],"response_code":"assist","type":"support"},"ecs":{"version":"7.0.9"},"error":{"code":"technical","message":"engaging"},"event":{"action":"technical","category":["malware","email"],"code":"art","created":"2023-03-04T23:30:14.286446Z","dataset":"collaborating","duration":3951,"end":"2023-02-26T09:55:03.286456Z","hash":"assist","id":"4iC051nrNOeZT6SuIDCpzw","ingested":"2023-02-13T21:58:58.286464Z","kind":"metric","module":"more","original":"performs","outcome":"success","provider":"AssemblyLine","reason":"to","reference":"enhanced","risk_score":3399.95,"risk_score_norm":3158.81,"sequence":534,"severity":3767,"start":"2023-02-04T06:05:21.286493Z","timezone":"market","type":["error","protocol"],"url":"from"},"email":{"attachments":[{"file":{"extension":"Government","hash":{"md5":"97139db787edb74ce7f23408b18bb415","sha1":"d1aabe639cb88d4ea9ee3fa59abb5c7e8c40a692","sha256":"5afa5f2fca3b98030bce9e29a953de8b4030393223bb47a18c1e22566fbac3d7","sha384":"1c0c910750999b3dabd6a2997b468babd70c4d706e19c2b6d5ce0b107b4eda454442073da30b26b788e9d838d42e0986","sha512":"9cce3d3fc92354e1792f3fc137b33a5aaee407bf7151ab87d4bda7e6dd7a0624bb7b55c8d9265579fbe83b8793da7b92c35ce657ffedda4aa7bd746dec869ae9","ssdeep":"48204:CAcbNf3aKwBOnRp7LrZLwpgvsk1oNNq:EfPiRxkJNDkvf7s6qBYj4U2lSj","tlsh":"programs"},"mime_type":"country","name":"us.gif","size":2681}},{"file":{"extension":"academia","hash":{"md5":"e36affcec0ba984a377532a32b21aa9e","sha1":"b6bfc42f887ca6cedd9305e5f25381bf85ff1093","sha256":"9f32e2d1903cee86b77036fed45e2e4599bd7b525dd018c036b861a42cb58796","sha384":"b0a9bec69fd0dc9f6dde707b6597e30899dd08669905f36ddf71cf4ebf729c80ab7403dfa0cbeb526f2e8cc76b4dcc54","sha512":"45c154de86314e9924bc60fcef7d8315a6219a90890cb76f7e414a6df382ea40cc18eae4f1892e19c6989fcde0b977b69ffe56cbc306ad1075bbc9f8e37e9c16","ssdeep":"12182:2QSbsaTABk0er8uHmky6VbVdkHDkw:9ooNdi7lUCnsL9XiA7b0jAtcLkGjrAUNadnY0s9Yj","tlsh":"problems"},"mime_type":"testing","name":"new_testing_website.lnk","size":3794}},{"file":{"extension":"visit","hash":{"md5":"07b8537cc042fdf885f8dc6f2598d36f","sha1":"a61bf3cea43eac231fca98eed1a7b14972f10be3","sha256":"837410ec92e9cc08d754cbe444a3565cb0ee70cfbb6d298c970c110310224857","sha384":"f1d4ea1ad5eabea7993562cc93cf7fbe3c041bfa782f0b266387c2d6ba84f6b30d41edeafdf6757ed491172481b7cdad","sha512":"223de837a9ce1bd68aa4818d0d95287a7c8abda15a7b40b6ec5bbbfe62611c5681ead45ab4bd28edfc76875695e1eaf69ec429ab333da304d0dca612856c6f15","ssdeep":"45945:O2UweVMUv7hQHXIvtUljqaGJRx1rzhu0HTjShPFhvtm4aHLjiGoc36mwV7:FKJv0Zh1jVetkXYjPQY724cv54tQ","tlsh":"visit"},"mime_type":"services","name":"companies_to_authority.doc","size":1164}},{"file":{"extension":"transition","hash":{"md5":"b41578935d0bf24c9cd94574ef048965","sha1":"6a32c5c881ec5a5c5299e3b17ec74b1dba083f7a","sha256":"76ae51e48f735282c0af1ec75f320d6a6f4298c562bc2d7e0d307a7cf7aa34d7","sha384":"cbaada43b1f3e6b1986f5d6040c04baaeaa58517ca57098ea567b199445060c98e854faffd212100878fd3a5978d6365","sha512":"87670b985d7a8e1b864b85966d2a3f12bda031340af752351da4d4ec405a71a0b3240a0acf886e6df3ea1ec71613b49c6dc8a00267934cb01d20ad663e56f388","ssdeep":"86238:irMUYhiuVNtKNhZ30uorl:Y1NPVS1jzZayMHjOPZvuUuqIrlTKP7bcp","tlsh":"country"},"mime_type":"support","name":"we_are_government.ppt","size":1902}}],"bcc":{"address":"technical@from.biz"},"cc":{"address":"complex@work.biz"},"content_type":"edge","delivery_timestamp":"2023-02-19T05:10:13.287237Z","direction":"survey","from":{"address":"an@visit.biz"},"local_id":"1L0MvuaH4shdcD48fVzpOs","message_id":"6DA2CP5hJYfh4HGVBoiuWZ","origination_timestamp":"2023-02-20T14:29:04.287293Z","reply_to":{"address":"security@invite.com"},"sender":{"address":"certain@with.com"},"subject":"defence","to":{"address":"country@stays.edu"},"x_mailer":"innovation","parent":{"bcc":{"address":"engaging@more.com"},"cc":{"address":"sizes@provide.ca"},"from":{"address":"more@development.edu"},"message_id":"48smEHhFvGa29Ssf8ulpR1","origination_timestamp":"2023-02-20T07:48:59.287345Z","subject":"development","to":{"address":"open@are.biz"},"source":"24.118.8.176","destination":"58.34.20.199"}},"faas":{"coldstart":true,"execution":"also","id":"product","name":"to_innovation_improve.ppt","trigger":{"request_id":"5HfhDYSvIRsHoAS7dfD661","type":"datasource"},"version":"7.2.4"},"file":{"accessed":"2023-03-07T03:11:38.287412Z","attributes":["experts"],"created":"2023-02-14T11:27:14.287422Z","ctime":"2023-02-07T11:29:49.287426Z","device":"improve","directory":"innovative/work/build/examine/website","drive_letter":"their","extension":"For","fork_name":"the_levels_technologies.exe","gid":"supports","group":"USERS","inode":"more.ca","mime_type":"BCIP","mode":"more","mtime":"2023-02-25T10:07:05.287463Z","name":"technical.lnk","owner":"engaging","path":"commercial","size":3310,"target_path":"the","type":"symlink","uid":"The","code_signature":{"digest_algorithm":"sha1","exists":false,"signing_id":"20fG9XTjvNbPiIKccXx9Pp","status":"potential","subject_name":"with.xls","team_id":"2KXLlCzYwLM2WRQ0BHEtD8","timestamp":"2023-02-27T20:15:13.287538Z","trusted":true,"valid":false},"elf":{"architecture":"from","byte_order":"them","cpu_type":"country","creation_date":"companies","exports":["experts","participating","improve","private"],"header":{"abi_version":"8.4.8","class":"do","data":"constantly","entrypoint":1950,"object_version":"4.0.6","os_abi":"market","type":"innovative","version":"8.4.9"},"imports":["invite","work"],"sections":[{"chi2":866,"entropy":3576,"flags":"working","name":"innovation.jpg","physical_offset":"Innovation","physical_size":3347,"type":"problems","virtual_address":1963,"virtual_size":550},{"chi2":2086,"entropy":1865,"flags":"performs","name":"to.exe","physical_offset":"market","physical_size":2891,"type":"website","virtual_address":1378,"virtual_size":3768},{"chi2":896,"entropy":2134,"flags":"about","name":"working_innovative.gif","physical_offset":"with","physical_size":2709,"type":"technologies","virtual_address":3835,"virtual_size":4018},{"chi2":2277,"entropy":2581,"flags":"sizes","name":"complex_development_private.jpg","physical_offset":"improve","physical_size":3503,"type":"product","virtual_address":4034,"virtual_size":1771}],"segments":[{"chi2":1851,"entropy":693,"flags":"enhanced","name":"services.exe","physical_offset":"commercial","physical_size":1636,"type":"promote","virtual_address":3887,"virtual_size":338},{"chi2":1730,"entropy":2906,"flags":"experts","name":"support_other.jpg","physical_offset":"For","physical_size":4003,"type":"is","virtual_address":1749,"virtual_size":324},{"chi2":601,"entropy":1970,"flags":"environment","name":"examine.xls","physical_offset":"helps","physical_size":517,"type":"open","virtual_address":938,"virtual_size":717},{"chi2":2512,"entropy":2022,"flags":"Government","name":"companies_are_examine.lnk","physical_offset":"For","physical_size":3583,"type":"marketplace","virtual_address":605,"virtual_size":3367}],"shared_libraries":["work"],"telfhash":"their"},"hash":{"md5":"5ebdfd29c9dc46029264734577abd10a","sha1":"2821927066fe71ce9cfd6a3e7ad7fcfea02c06ea","sha256":"98d987c9d9211123358a784eaf1714495e948db1d68aad26272095276058c6e9","sha384":"9e5f7f1d1f27a81251e06f67a5156e17a255081e04e357101699c6eb92a842873b812d3e9391778c7f39893bc9589860","sha512":"fdf721b4d7b5b34d3aba8c15804c3b24d55fc1af9ceb4c70e8849442da4cce20df5daf3b1b18c64436afe464b6b6d63694f9b8bf7b54d12b6f177ec827fa0c76","ssdeep":"2889:9hlrxyKlnsIvFFuCRIYP3DgKfs54s00vXSL1Eij:k67XwNEZEEfUa8VylisaNlwnhmVA9EytgwpA","tlsh":"potential"},"pe":{"architecture":"provide","company":"evaluate","description":"environment","file_version":"visit.exe","imphash":"complex","original_file_name":"order.pdf","pehash":"cutting","product":"are"}},"group":{"domain":"are.edu","id":"technology","name":"the_us.exe"},"host":{"id":"assist","ip":["151.152.110.132","17.207.39.202","58.178.160.221"],"mac":["031C1A1D7620","7D1885B141E4","DCB203BE45A8"],"name":"cutting_new_but.ppt","domain":"product.biz","type":"Canada"},"http":{"request":{"body":{"bytes":3529,"content":"development"},"bytes":740,"id":"state","method":"One","mime_type":"engaging","referrer":"working"},"response":{"body":{"bytes":2629,"content":"by"},"bytes":3051,"mime_type":"vendors","status_code":2525},"version":"8.0.1"},"organization":{"id":"115","name":"Mint"},"process":{"args":["development","edge"],"args_count":2511,"command_line":"by","end":"2023-02-15T09:07:54.288062Z","entity_id":"1FusssETMj55m9Dhnw500T","env_vars":{"key_a":"provide","key_b":"other"},"executable":"role","exit_code":3122,"interactive":true,"name":"new.xls","parent":[{"args":["Build","promote","collaborating"],"args_count":2471,"command_line":"supports","end":"2023-02-12T11:57:48.288120Z","entity_id":"355VAw2X5eXEehM8Py5SE6","env_vars":{"key_a":"constantly","key_b":"on","key_c":"new","key_d":"from","key_e":"survey"},"executable":"market","exit_code":3405,"interactive":false,"name":"engaging_goods.pdf","pid":3696,"same_as_process":true,"start":"2023-02-15T00:28:59.288172Z","user":{"id":"Program","name":"evaluate_testing.pdf"}},{"args":["also"],"args_count":773,"command_line":"key","end":"2023-02-24T13:38:11.288194Z","entity_id":"6XU7Qbn8p3iNRPt4qGQ41l","env_vars":{"key_a":"commercial","key_b":"is","key_c":"more","key_d":"authority","key_e":"order"},"executable":"from","exit_code":2311,"interactive":true,"name":"other.xls","pid":1911,"same_as_process":true,"start":"2023-02-20T05:09:56.288242Z","user":{"id":"defence","name":"stays_defence_new.lnk"}},{"args":["art","website","invite","engaging"],"args_count":2450,"command_line":"We","end":"2023-02-14T10:52:13.288268Z","entity_id":"3Z0CVexADxWkM49iG7PJIh","env_vars":{"key_a":"programs","key_b":"academia","key_c":"participating"},"executable":"role","exit_code":3525,"interactive":false,"name":"market_cyber_country.lnk","pid":3284,"same_as_process":false,"start":"2023-03-02T04:10:47.288313Z","user":{"id":"Canadian","name":"cutting.gif"}}],"pid":3575,"same_as_process":true,"start":"2023-02-09T03:01:12.288327Z","title":"Program","uptime":3337,"user":{"id":"edge","name":"services_innovative.exe"},"working_directory":"our/industry/innovations/problems"},"registry":{"data":{"bytes":"to","strings":["is"],"type":"market"},"hive":"testing","key":"potential","path":"other","value":"certain"},"related":{"hash":["innovative","marketplace","For","development"],"hosts":["technologies.edu","by.ca"],"ip":["140.208.23.85","138.44.7.50","250.9.202.36"],"user":["admin"],"id":"key","uri":["https://them.biz/services/For/about/goods/potential/about"],"signature":["do"]},"server":{"ip":"51.153.193.76","address":"product","domain":"innovative.edu"},"source":{"address":"other","bytes":2580,"domain":"partnerships.com","geo":{"city_name":"we.gif","continent_code":"transition","continent_name":"key_tools.pdf","country_iso_code":"this","country_name":"from.ppt","location":{"lon":1522.06,"lat":3812.15},"name":"bringing_vendors_working.exe","postal_code":"about","region_iso_code":"improve","region_name":"invite_art.xls","timezone":"selling"},"ip":"214.173.112.21","mac":"b9:93:c6:dc:c7:80","nat":{"ip":"117.205.183.70","port":2164},"packets":798,"port":3461},"threat":{"feed":{"dashboard_id":"2bNv8BGR0mB0t1qnJAN7xa","description":"about","name":"feedback_performs.gif","reference":"survey"},"framework":"MITRE ATT&CK","group":{"alias":["is"],"id":"We","name":"bcip_invite.pdf","reference":"academia"},"indicator":{"confidence":"transition","description":"Role of the legislature and government of New Brunswick.","email":{"address":"marketplace"},"provider":"key","reference":"art","scanner_stats":889,"sightings":930,"ip":"130.224.187.249","type":"invite","first_seen":"2023-02-08T04:43:07.288618Z","last_seen":"2023-02-05T19:49:49.288624Z"},"software":{"alias":["support","from"],"id":"performs","name":"provide_but_supports.lnk","platform":["more"],"reference":"selling","type":"are"},"tactic":{"id":"TA0008","name":"Lateral Movement","reference":"levels"},"technique":{"id":"T1211","name":"Exploitation for Defense Evasion","reference":"of"}},"tls":{"version":"7.3.8","version_protocol":"6.2.4","client":{"server_name":"key_order.pdf","ja3":"innovative"},"server":{"ja3s":"Canadian"}},"url":{"domain":"private.ca","extension":"in","fragment":"emerging","full":"is","original":"environment","password":"helps","path":"technical","port":2214,"query":"edge","registered_domain":"in.com","scheme":"on","subdomain":"academia.edu","top_level_domain":"build.biz","username":"user"},"user":{"domain":"survey.edu","email":"website@environment.com","full_name":"website_participating.gif","group":{"domain":"support.com","id":"visit","name":"we.lnk"},"hash":"industry","id":"on","name":"by","roles":["selling","promote","innovations"]},"user_agent":{"device":{"name":"emerging_is_supports.doc"},"name":"defence_by_this.pdf","original":"Mozilla/5.0 (iPhone9,4; U; CPU iPhone OS 10_0_1 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) Version/10.0 Mobile/14A403 Safari/602.1","os":{"family":"helps","full":"industry","kernel":"partners","name":"authority_canadian_cyber.xls","platform":"feedback","type":"cutting","version":"7.4.7"},"version":"8.3.9"},"vulnerability":{"category":["Cyber","helps","innovations"],"classification":"marketplace","description":"the","enumeration":"are","id":"also","reference":"Program","report_id":"1gcJOBqOBpGo7fNyOtuLFZ"}},"25S6XTnNG0jOaqDVnX7dOu":{"timestamp":"2023-02-24T11:47:42.183530Z","labels":{"key_a":"on","key_b":"technical","key_c":"them","key_d":"invite"},"tags":["BCIP","market"],"howler":{"id":"25S6XTnNG0jOaqDVnX7dOu","analytic":"cmt.aws.sigma.rules","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Impact","hash":"18ae230767d6453cac121788af57a1570711ecf9959dafb80563f9b631312583","related":["academia","also"],"reliability":299.14,"severity":424.23,"volume":219.55,"confidence":3290.92,"score":1286,"status":"open","scrutiny":"surveyed","escalation":"alert","assessment":null,"comment":[{"id":"sTIS1JJOK9dRbG5hnWNTd","timestamp":"2023-02-27T22:29:58.183718Z","modified":"2023-02-26T21:32:40.183725Z","value":"Language of instruction.","user":"admin"},{"modified":"2023-03-10T14:55:03.473486Z","id":"4umYGYk7Sx2bZyQfaFLNT2","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:03.473432Z"},{"modified":"2023-03-10T14:55:42.860160Z","id":"1MbOdm1KGPKEniwrcw65cS","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:42.860109Z"},{"modified":"2023-03-10T15:11:48.509631Z","id":"1MlBjw4lOyGdGM5C6VHO47","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:48.509581Z"},{"modified":"2023-03-10T15:12:34.441560Z","id":"SSUZASFy4PCHxEEwiep27","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:34.441506Z"},{"modified":"2023-03-10T15:13:04.980938Z","id":"6lQ5czKmedXN07cWloLPc3","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:04.980893Z"},{"modified":"2023-03-10T15:13:28.571145Z","id":"2PAMGhpixEryOOYh2L00sL","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:28.571102Z"},{"modified":"2023-03-10T15:14:23.973058Z","id":"2X2jcYwwWOpP8Hp5gUfOnI","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:23.973018Z"},{"modified":"2023-03-10T15:14:50.597795Z","id":"5v52qZbx7OnCyFLuWVbOj0","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:50.597760Z"},{"modified":"2023-03-10T15:19:11.368114Z","id":"7dPC49xgzbpsgq4OZZd2Zt","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:11.368054Z"},{"modified":"2023-03-10T15:20:04.235972Z","id":"3ibqDvWlnY3mX8HWnzlD8E","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:04.235898Z"},{"modified":"2023-03-10T15:21:42.439498Z","id":"1CLiTDAvykNtsCW7uasVP8","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:42.439446Z"},{"modified":"2023-03-10T15:23:16.409362Z","id":"1ES7xuXHDjRIQnjYx9yXJI","value":"test","user":"shawnh","timestamp":"2023-03-10T15:23:16.409301Z"},{"modified":"2023-03-10T15:26:31.185838Z","id":"3pC00FYYH7j43TQWjqivh","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:31.185789Z"},{"modified":"2023-03-10T15:31:02.983335Z","id":"2q3jzkltuy9a9i0G608EXZ","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:02.983279Z"},{"modified":"2023-03-10T15:34:17.455468Z","id":"5JHladUEWf2oBC5aodLTYs","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:17.455411Z"},{"modified":"2023-03-10T15:40:28.296990Z","id":"1ExPzDMhoKGobLoHFzFatw","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:28.296910Z"}],"log":[{"timestamp":"2023-03-08T11:39:18.183738Z","key":"development","explanation":"Application of Charter.","new_value":"Canada","type":"set","previous_value":"security","user":"user"},{"timestamp":"2023-03-04T15:16:54.183760Z","key":"marketplace","explanation":"A party or witness in any proceedings who does not understand or speak the language in which the proceedings are conducted or who is deaf has the right to the assistance of an interpreter.","new_value":"enhanced","type":"appended","previous_value":"BCIP","user":"user"},{"timestamp":"2023-02-26T02:18:13.183779Z","key":"open","explanation":"Everyone has the right not to be subjected to any cruel and unusual treatment or punishment.","new_value":"One","type":"set","previous_value":"with","user":"user"},{"timestamp":"2023-03-07T04:07:30.183799Z","key":"our","explanation":"Rights guaranteed equally to both sexes.","new_value":"all","type":"set","previous_value":"role","user":"user"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4umYGYk7Sx2bZyQfaFLNT2\\", \\"timestamp\\": \\"2023-03-10T14:55:03.473432Z\\", \\"modified\\": \\"2023-03-10T14:55:03.473486Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:03.557419Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1MbOdm1KGPKEniwrcw65cS\\", \\"timestamp\\": \\"2023-03-10T14:55:42.860109Z\\", \\"modified\\": \\"2023-03-10T14:55:42.860160Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:42.936714Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1MlBjw4lOyGdGM5C6VHO47\\", \\"timestamp\\": \\"2023-03-10T15:11:48.509581Z\\", \\"modified\\": \\"2023-03-10T15:11:48.509631Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:48.584145Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"SSUZASFy4PCHxEEwiep27\\", \\"timestamp\\": \\"2023-03-10T15:12:34.441506Z\\", \\"modified\\": \\"2023-03-10T15:12:34.441560Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:34.517768Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6lQ5czKmedXN07cWloLPc3\\", \\"timestamp\\": \\"2023-03-10T15:13:04.980893Z\\", \\"modified\\": \\"2023-03-10T15:13:04.980938Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:05.060547Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2PAMGhpixEryOOYh2L00sL\\", \\"timestamp\\": \\"2023-03-10T15:13:28.571102Z\\", \\"modified\\": \\"2023-03-10T15:13:28.571145Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:28.652436Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2X2jcYwwWOpP8Hp5gUfOnI\\", \\"timestamp\\": \\"2023-03-10T15:14:23.973018Z\\", \\"modified\\": \\"2023-03-10T15:14:23.973058Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:24.044864Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5v52qZbx7OnCyFLuWVbOj0\\", \\"timestamp\\": \\"2023-03-10T15:14:50.597760Z\\", \\"modified\\": \\"2023-03-10T15:14:50.597795Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:50.670519Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7dPC49xgzbpsgq4OZZd2Zt\\", \\"timestamp\\": \\"2023-03-10T15:19:11.368054Z\\", \\"modified\\": \\"2023-03-10T15:19:11.368114Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:11.453885Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3ibqDvWlnY3mX8HWnzlD8E\\", \\"timestamp\\": \\"2023-03-10T15:20:04.235898Z\\", \\"modified\\": \\"2023-03-10T15:20:04.235972Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:04.332393Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1CLiTDAvykNtsCW7uasVP8\\", \\"timestamp\\": \\"2023-03-10T15:21:42.439446Z\\", \\"modified\\": \\"2023-03-10T15:21:42.439498Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:42.524326Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1ES7xuXHDjRIQnjYx9yXJI\\", \\"timestamp\\": \\"2023-03-10T15:23:16.409301Z\\", \\"modified\\": \\"2023-03-10T15:23:16.409362Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:23:16.494416Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3pC00FYYH7j43TQWjqivh\\", \\"timestamp\\": \\"2023-03-10T15:26:31.185789Z\\", \\"modified\\": \\"2023-03-10T15:26:31.185838Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:31.290524Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2q3jzkltuy9a9i0G608EXZ\\", \\"timestamp\\": \\"2023-03-10T15:31:02.983279Z\\", \\"modified\\": \\"2023-03-10T15:31:02.983335Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:03.064070Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5JHladUEWf2oBC5aodLTYs\\", \\"timestamp\\": \\"2023-03-10T15:34:17.455411Z\\", \\"modified\\": \\"2023-03-10T15:34:17.455468Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:17.525477Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1ExPzDMhoKGobLoHFzFatw\\", \\"timestamp\\": \\"2023-03-10T15:40:28.296910Z\\", \\"modified\\": \\"2023-03-10T15:40:28.296990Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:28.401598Z"}],"retained":"support","monitored":"experts","reported":"participating","mitigated":"by","outline":{"threat":"53.156.74.51","target":"56d3c6642184a4a44f46c74ddb6a9959.gc.ca","indicators":["website_other.pdf","environment_innovation.exe","commercial.jpg","stays_by.doc","build_them.exe","across_security.lnk","technology_product_enhanced.lnk","selling_open_the.lnk"],"summary":"To be informed without unreasonable delay of the specific offence."},"labels":{"assignments":["ADS4B","APA2B","ACE1C"],"generic":["Super Teams","Outlook","Drive"]},"votes":{"benign":["survey","marketplace","bringing"],"obscure":["to","emerging","do","are"],"malicious":["marketplace"]},"dossier":{"key_a":"true","key_b":"enhanced","key_c":"We"}},"assemblyline":{"antivirus":[{"type":"invite","subtype":"Government","value":"stays","verdict":"safe"},{"type":"key","subtype":"edge","value":"defence","verdict":"suspicious"},{"type":"technical","subtype":"defence","value":"about","verdict":"info"}],"attribution":[{"type":"Innovation","subtype":"about","value":"role","verdict":"suspicious"},{"type":"product","subtype":"certain","value":"Program","verdict":"info"}],"behaviour":[{"type":"constantly","subtype":"role","value":"Government","verdict":"safe"},{"type":"determine","subtype":"companies","value":"government","verdict":"info"}],"domain":[{"type":"We","subtype":"improve","value":"role","verdict":"improve"},{"type":"marketplace","subtype":"technologies","value":"One","verdict":"Canada"}],"heuristic":[{"type":"of","subtype":"to","value":"defence","verdict":"suspicious"},{"type":"stays","subtype":"marketplace","value":"innovative","verdict":"malicious"},{"type":"of","subtype":"open","value":"development","verdict":"suspicious"}],"mitre":{"tactic":[{"type":"of","subtype":"on","value":"with","verdict":"suspicious"}],"technique":[{"type":"sizes","subtype":"feedback","value":"promote","verdict":"info"}]},"uri":[{"type":"learn","subtype":"do","value":"industry","verdict":"but"},{"type":"across","subtype":"all","value":"working","verdict":"learn"},{"type":"the","subtype":"selling","value":"are","verdict":"by"}],"yara":[{"type":"key","subtype":"new","value":"defence","verdict":"suspicious"}]},"agent":{"id":"selling","name":"innovative_commercial.pdf","type":"country","version":"4.3.4"},"cbs":{"sharepoint":{"created":{"application":"Centre","user":"admin"},"modified":{"application":"innovation","user":"user"}}},"cloud":{"account":{"id":"7kEinIr3STnaSZYg80LnLK","name":"the_we.lnk"},"availability_zone":"companies","instance":{"id":"their","name":"supports.xls"},"machine":{"type":"art"},"project":{"id":"sizes","name":"laboratory_technical_private.doc"},"provider":"tools","region":"Build","service":{"name":"Google Drive"},"tenant_id":"63IL8G2Gbxi5NQlC4K39Fz"},"container":{"id":"bringing","image":{"hash":{"all":["art","order"]},"name":"academia_with_other.jpg","tag":["in"]},"labels":{"key_a":"on","key_b":"vendors","key_c":"working","key_d":"BCIP","key_e":"is"},"name":"is_order_companies.gif","runtime":"their"},"destination":{"address":"also","bytes":3775,"domain":"bcip.com","geo":{"city_name":"to_them.exe","continent_code":"Government","continent_name":"new.doc","country_iso_code":"government","country_name":"to_working_program.xls","location":{"lon":1468.36,"lat":1327.02},"name":"on_bringing_testing.pdf","postal_code":"Cyber","region_iso_code":"vendors","region_name":"performs.exe","timezone":"examine"},"ip":"102.62.210.215","mac":"00:60:33:c6:0f:1b","nat":{"ip":"238.68.43.169","port":2332},"packets":2480,"port":1585},"dns":{"answers":[{"class":"to","data":"problems","name":"commercial.ppt","ttl":672,"type":"private"},{"class":"innovative","data":"assist","name":"innovation.gif","ttl":3233,"type":"The"},{"class":"their","data":"constantly","name":"programs_open.xls","ttl":3951,"type":"partners"},{"class":"Centre","data":"cyber","name":"cutting_but.ppt","ttl":918,"type":"Canada"}],"header_flags":["them","defence"],"id":"Program","op_code":"For","question":{"class":"collaborating","name":"complex_technologies.jpg","registered_domain":"market.edu","subdomain":"innovations.com","top_level_domain":"emerging.com","type":"engaging"},"resolved_ip":["144.250.105.71","109.223.130.43"],"response_code":"of","type":"support"},"ecs":{"version":"4.2.9"},"error":{"code":"testing","message":"working"},"event":{"action":"visit","category":["file","malware"],"code":"To","created":"2023-03-04T10:11:20.184569Z","dataset":"vendors","duration":497,"end":"2023-02-17T12:04:58.184582Z","hash":"feedback","id":"25S6XTnNG0jOaqDVnX7dOu","ingested":"2023-02-07T15:17:17.184592Z","kind":"signal","module":"Government","original":"Program","outcome":"success","provider":"AssemblyLine","reason":"levels","reference":"improve","risk_score":1219.7,"risk_score_norm":3690.02,"sequence":1646,"severity":3013,"start":"2023-03-07T23:39:04.184624Z","timezone":"sizes","type":["access","indicator","group"],"url":"key"},"email":{"attachments":[{"file":{"extension":"country","hash":{"md5":"b086e5edc0d83f41af833b9d20045a3b","sha1":"8fca86ed3dd1de311e6c31c747351596e542f88b","sha256":"b4c23d5653f44b38f433fd314af9624141cc1ecb8c1346fec1faf3d9306c7d51","sha384":"d2c615e28745c3667ce8d30ce22574854b2fe441b29c0542e7ed7d077587e40806fcfbbec79bf5413c851a68998efef2","sha512":"5452f3180e7fb39c271aaf6369d0bf48ea8c3876f941de58f6a039d507ab80c918833cb7f9446c6fcfee8619b26f7144792cc8d63657dd98361b0c1f2e7b4559","ssdeep":"92399:ESVgd19NwuubijwBL52kEEPhgYNQpDl9Yt3hAJP9vplg1X:DaL8ixVHbdwyXoZ3FDClUJGZMSX3PrHuMXshHrhKLjBfPP","tlsh":"visit"},"mime_type":"innovation","name":"technical.ppt","size":899}},{"file":{"extension":"us","hash":{"md5":"3f13a401961c0ac640a67605e06d4d3e","sha1":"52951269c5d28ed961de9e3fefcdde1883cf0b6a","sha256":"bacaa04a6e2c480b776a06434029c51c45cabc5c196b89c97ffd5445b0177aa6","sha384":"981686e6d4f4033d79e8127c5a56eac5c9ba5e7e6bd61760607955d62fe1a26fd7b31ed871a86808142a614b0cd6d0b6","sha512":"f83a7e2b56faaa2676fcab548ea9deb8e6a98c0cf7eee5e9ad0464d085ce50ad1b16f4b3783afbd48880c30c17123cd2753d3215186adb1670662f763de042a3","ssdeep":"42716:NnIvRwPZeGmZIbG1sEN1zENFP559GSNM8SE1IYA69392Dk:eifr250mIHOnSxMRsoDwPEzeyybhZY","tlsh":"academia"},"mime_type":"One","name":"our.xls","size":1383}},{"file":{"extension":"innovative","hash":{"md5":"09cffa019d0a617a623d6439813535fa","sha1":"6c3bf3496579b64a7c6d48d69eb87590fe475a78","sha256":"bd93de2cfff9e20eb1ccb14b5502e6249631b9cc6ee570671a18f36b71341f09","sha384":"9f2355a8ff1dc9abb8db4fee13343e45226e3a139c625b5c58fb88602378b8fd5e2da1fc4a1475d7053cf06cde0357a9","sha512":"c7515444415699bc1bf95267cac86a84534fb7f063c2d726e0744dbb4c67e73914dd6a14231656b9024e73d613e54949b00cd6a925a1c5f49ea802bc40e38ae1","ssdeep":"14044:uPwZ9MqLFR1jMIZJOlBuospONjEgNRnqew6QOf:91TY3PXntLIv7GVAAFQsSORq","tlsh":"goods"},"mime_type":"emerging","name":"us_constantly.exe","size":1858}}],"bcc":{"address":"marketplace@authority.biz"},"cc":{"address":"industry@feedback.com"},"content_type":"To","delivery_timestamp":"2023-02-12T10:07:02.185210Z","direction":"levels","from":{"address":"commercial@feedback.ca"},"local_id":"9XZFDKTMJ9wuqlRFZoKf8","message_id":"3tOvevVINRzbakXS3Tl6xG","origination_timestamp":"2023-02-19T16:32:46.185270Z","reply_to":{"address":"sizes@technologies.biz"},"sender":{"address":"security@government.edu"},"subject":"Centre","to":{"address":"experts@we.com"},"x_mailer":"work","parent":{"bcc":{"address":"canada@laboratory.com"},"cc":{"address":"private@cyber.biz"},"from":{"address":"invite@security.biz"},"message_id":"1qdh5P1FUa0PUhBS6qJleh","origination_timestamp":"2023-03-03T17:13:40.185328Z","subject":"from","to":{"address":"feedback@private.com"},"source":"221.252.225.173","destination":"204.215.174.54"}},"faas":{"coldstart":false,"execution":"certain","id":"development","name":"programs.doc","trigger":{"request_id":"61Nt0HJAXb4PlHOzoUH4Xa","type":"timer"},"version":"5.0.5"},"file":{"accessed":"2023-02-04T16:28:19.185405Z","attributes":["assist","Build","Cyber"],"created":"2023-02-11T15:42:46.185422Z","ctime":"2023-02-09T07:32:00.185427Z","device":"evaluate","directory":"the/problems/do/support/all/art","drive_letter":"innovations","extension":"support","fork_name":"government_program_cutting.pdf","gid":"with","group":"ADMINS","inode":"industry.edu","mime_type":"with","mode":"improve","mtime":"2023-03-01T05:23:11.185470Z","name":"but.xls","owner":"selling","path":"across","size":2677,"target_path":"work","type":"file","uid":"defence","code_signature":{"digest_algorithm":"sha256","exists":false,"signing_id":"6L7WkWKs9op9tW6lY1BhJO","status":"levels","subject_name":"program_centre_problems.lnk","team_id":"64tGQDET9vFFfi3MWtDJsb","timestamp":"2023-02-12T17:12:45.185556Z","trusted":true,"valid":true},"elf":{"architecture":"all","byte_order":"BCIP","cpu_type":"examine","creation_date":"invite","exports":["authority","selling","innovation"],"header":{"abi_version":"8.0.2","class":"is","data":"industry","entrypoint":344,"object_version":"4.5.0","os_abi":"working","type":"new","version":"5.3.0"},"imports":["this","country","potential","Program"],"sections":[{"chi2":175,"entropy":1041,"flags":"innovation","name":"technologies_but.exe","physical_offset":"technology","physical_size":3781,"type":"Innovation","virtual_address":1513,"virtual_size":2412},{"chi2":2467,"entropy":1942,"flags":"potential","name":"visit.lnk","physical_offset":"levels","physical_size":400,"type":"survey","virtual_address":1526,"virtual_size":1916},{"chi2":1287,"entropy":1862,"flags":"more","name":"laboratory_state.exe","physical_offset":"supports","physical_size":2565,"type":"also","virtual_address":3264,"virtual_size":2082}],"segments":[{"chi2":971,"entropy":3405,"flags":"key","name":"evaluate.lnk","physical_offset":"key","physical_size":3616,"type":"programs","virtual_address":3135,"virtual_size":181},{"chi2":2212,"entropy":2203,"flags":"innovative","name":"assist.ppt","physical_offset":"cyber","physical_size":2913,"type":"Innovation","virtual_address":1067,"virtual_size":802},{"chi2":2558,"entropy":3833,"flags":"testing","name":"bcip_partners.gif","physical_offset":"role","physical_size":3244,"type":"authority","virtual_address":1732,"virtual_size":3155},{"chi2":3402,"entropy":1616,"flags":"security","name":"testing_potential.gif","physical_offset":"innovation","physical_size":2754,"type":"order","virtual_address":3924,"virtual_size":374}],"shared_libraries":["The"],"telfhash":"also"},"hash":{"md5":"82925aaea5dac8242cb018627183f042","sha1":"78ce6923390da9f3a960c006cd286af9243a0183","sha256":"0f08f095134df8408a2139287d1b11244885dd6945897c98a66d3b12b6077c98","sha384":"52568a2e5df647e2ce58281b8edd7ba798b0775dca766b061eeedd57a04d181d988081fbc4316ee1aa29c9635947ee75","sha512":"a4f0b8a3c287e14f9cbc18804db163e7033ceecb015ce0e86481aebb9f9c81e483d4f7eb303e7b064ad328abda7ec4d069960ab185c67349c3f02c9adf0cbcf1","ssdeep":"31895:DbXolPZ8CV0RcD241bXZTTTFhIAkm4vkopzGCCuqVP5kzNfQZKjUUldPaDEh:pcyB49YPMh2meEod9RqfQQAC6uQn9uw4Oz","tlsh":"emerging"},"pe":{"architecture":"from","company":"complex","description":"selling","file_version":"art_support_role.lnk","imphash":"tools","original_file_name":"centre.exe","pehash":"the","product":"work"}},"group":{"domain":"helps.com","id":"companies","name":"from_centre_development.pdf"},"host":{"id":"problems","ip":["142.90.23.123"],"mac":["1D84D0E840B7","75D38F37EB7B"],"name":"them.pdf","domain":"is.edu","type":"art"},"http":{"request":{"body":{"bytes":2734,"content":"provide"},"bytes":1636,"id":"with","method":"on","mime_type":"marketplace","referrer":"authority"},"response":{"body":{"bytes":3000,"content":"provide"},"bytes":3866,"mime_type":"engaging","status_code":3875},"version":"4.4.0"},"organization":{"id":"101","name":"NFB"},"process":{"args":["support","performs","academia"],"args_count":2948,"command_line":"participating","end":"2023-02-17T05:14:34.186135Z","entity_id":"3RRAsY96VzmZVYU8PxeEOg","env_vars":{"key_a":"feedback","key_b":"commercial","key_c":"marketplace","key_d":"visit"},"executable":"commercial","exit_code":2377,"interactive":true,"name":"to_enhanced.gif","parent":[{"args":["them","potential"],"args_count":467,"command_line":"companies","end":"2023-02-15T19:48:59.186205Z","entity_id":"6g1BDOpQUOhcAcWofZsB2G","env_vars":{"key_a":"invite","key_b":"constantly","key_c":"examine","key_d":"our","key_e":"support"},"executable":"We","exit_code":1659,"interactive":false,"name":"security.pdf","pid":562,"same_as_process":true,"start":"2023-03-04T17:52:22.186263Z","user":{"id":"promote","name":"all_an.exe"}},{"args":["selling","by","partnerships"],"args_count":1742,"command_line":"selling","end":"2023-02-06T03:50:53.186294Z","entity_id":"5gbVhvym9fsbthL6sISWch","env_vars":{"key_a":"open","key_b":"more","key_c":"laboratory","key_d":"are"},"executable":"Canadian","exit_code":2037,"interactive":true,"name":"government_product.lnk","pid":3890,"same_as_process":true,"start":"2023-03-01T15:17:06.186347Z","user":{"id":"selling","name":"do_partners_academia.pdf"}}],"pid":1202,"same_as_process":true,"start":"2023-02-16T00:09:47.186366Z","title":"innovative","uptime":779,"user":{"id":"supports","name":"do_innovative.jpg"},"working_directory":"complex/complex/transition"},"registry":{"data":{"bytes":"services","strings":["industry","state"],"type":"supports"},"hive":"across","key":"survey","path":"all","value":"private"},"related":{"hash":["industry"],"hosts":["services.biz"],"ip":["106.185.19.158"],"user":["user","user","user","admin"],"id":"their","uri":["https://in.biz/cyber/selling/across/To/academia/industry","http://commercial.ca/also/engaging/The"],"signature":["helps","marketplace","transition","key"]},"server":{"ip":"49.91.51.97","address":"enhanced","domain":"of.edu"},"source":{"address":"innovation","bytes":1012,"domain":"innovations.edu","geo":{"city_name":"build_stays_to.exe","continent_code":"open","continent_name":"our.xls","country_iso_code":"key","country_name":"invite_provide.xls","location":{"lon":1868.85,"lat":2836.62},"name":"key_transition.doc","postal_code":"art","region_iso_code":"new","region_name":"program_them.exe","timezone":"learn"},"ip":"113.227.49.8","mac":"d7:3d:55:bd:d8:52","nat":{"ip":"51.195.83.128","port":1886},"packets":3174,"port":1205},"threat":{"feed":{"dashboard_id":"3mQ6clSFpBpWpYlAZHWLBY","description":"market","name":"provide_services.lnk","reference":"Program"},"framework":"MITRE ATT&CK","group":{"alias":["government"],"id":"vendors","name":"technology_emerging_all.pdf","reference":"authority"},"indicator":{"confidence":"but","description":"Equality before and under law and equal protection and benefit of law.","email":{"address":"testing"},"provider":"authority","reference":"participating","scanner_stats":3927,"sightings":1930,"ip":"64.16.40.201","type":"key","first_seen":"2023-02-20T13:49:36.186663Z","last_seen":"2023-02-13T10:16:36.186670Z"},"software":{"alias":["services","across","Build"],"id":"tools","name":"testing.ppt","platform":["authority","participating"],"reference":"with","type":"industry"},"tactic":{"id":"TA0040","name":"Impact","reference":"technical"},"technique":{"id":"T1598","name":"Phishing for Information","reference":"technology"}},"tls":{"version":"5.3.8","version_protocol":"8.2.7","client":{"server_name":"with_the.ppt","ja3":"transition"},"server":{"ja3s":"goods"}},"url":{"domain":"sizes.com","extension":"assist","fragment":"website","full":"this","original":"To","password":"experts","path":"development","port":3375,"query":"levels","registered_domain":"canada.ca","scheme":"feedback","subdomain":"with.biz","top_level_domain":"assist.ca","username":"admin"},"user":{"domain":"private.edu","email":"vendors@commercial.edu","full_name":"canadian_to.jpg","group":{"domain":"levels.edu","id":"transition","name":"stays_enhanced_working.gif"},"hash":"invite","id":"participating","name":"feedback","roles":["The","new"]},"user_agent":{"device":{"name":"marketplace_cyber_one.exe"},"name":"build.gif","original":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.46","os":{"family":"promote","full":"Program","kernel":"experts","name":"in_assist.jpg","platform":"tools","type":"transition","version":"6.5.7"},"version":"6.5.5"},"vulnerability":{"category":["are"],"classification":"academia","description":"Innovation","enumeration":"Build","id":"technologies","reference":"examine","report_id":"1zbX3uXcLS5WCJAb2mYVBa"}},"3UHUmEbLtPtx6QrnzUtQIO":{"timestamp":"2023-02-11T14:10:51.977015Z","labels":{"key_a":"Program","key_b":"from","key_c":"commercial","key_d":"tools","key_e":"tools"},"tags":["innovations","open"],"howler":{"id":"3UHUmEbLtPtx6QrnzUtQIO","analytic":"AssemblyLine","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Execution","hash":"2751e4ebc14e511e2f5a7215af7b85cb65ee04ff1ce4311b95b4543b10d71dfb","related":["from","role","visit","performs"],"reliability":3761.77,"severity":226.37,"volume":794.89,"confidence":1279.54,"score":2456.5,"status":"open","scrutiny":"investigated","escalation":"hit","assessment":null,"comment":[{"id":"26IS3ycbPS2xLj8FgeI5nj","timestamp":"2023-03-09T10:32:29.977216Z","modified":"2023-02-04T15:08:47.977222Z","value":"To be presumed innocent until proven guilty according to law in a fair and public hearing by an independent and impartial tribunal.","user":"shawnh"},{"id":"7RwrWL9r8UQUGZCbRQAP82","timestamp":"2023-02-28T02:53:22.977252Z","modified":"2023-03-08T01:40:10.977256Z","value":"16.1 The English linguistic community and the French linguistic community in New Brunswick have equality of status and equal rights and privileges, including the right to distinct educational institutions and such distinct cultural institutions as are necessary for the preservation and promotion of those communities.","user":"admin"},{"modified":"2023-03-10T14:55:03.812379Z","id":"2gFA2NvZEJFopjlzdoLsvu","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:03.812342Z"},{"modified":"2023-03-10T14:55:43.164999Z","id":"141BDHaqBUj84GIx4k83Cb","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:43.164919Z"},{"modified":"2023-03-10T15:11:48.815706Z","id":"5Lt19zaACOOmqzM6XQZ9M9","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:48.815665Z"},{"modified":"2023-03-10T15:12:34.764619Z","id":"4ML1vXZFrdIvlOBPWBcRRV","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:34.764582Z"},{"modified":"2023-03-10T15:13:05.281511Z","id":"3aaRQqCFbLZqGQDV3dunWl","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:05.281439Z"},{"modified":"2023-03-10T15:13:28.898297Z","id":"1EMvpazOKh7rpeIVEDjYOp","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:28.898259Z"},{"modified":"2023-03-10T15:14:24.257263Z","id":"2Rw6tkqUa4cxjy5OkOObts","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:24.257229Z"},{"modified":"2023-03-10T15:14:50.889576Z","id":"e09Vs6QC4dLyEjFnmTDeN","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:50.889529Z"},{"modified":"2023-03-10T15:19:11.711758Z","id":"5F7lcZHA2oPBXOqJiKpTSm","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:11.711640Z"},{"modified":"2023-03-10T15:20:04.585719Z","id":"16WaIRpDrKF4fbDnqTZXh8","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:04.585675Z"},{"modified":"2023-03-10T15:21:42.777140Z","id":"4diwpbmti2AhwdbPIzysZG","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:42.777095Z"},{"modified":"2023-03-10T15:23:16.755876Z","id":"78A5uYMsTzC2K0ptLKmcZZ","value":"test","user":"shawnh","timestamp":"2023-03-10T15:23:16.755833Z"},{"modified":"2023-03-10T15:26:31.602335Z","id":"2NJvXYEBZFgCAnQLxLCdhr","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:31.602261Z"},{"modified":"2023-03-10T15:31:03.315869Z","id":"1nbV0oqINN2BD3pzFYGbZ","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:03.315826Z"},{"modified":"2023-03-10T15:34:17.748661Z","id":"VbnXK03eQ77fpovSOqQ1N","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:17.748625Z"},{"modified":"2023-03-10T15:40:28.640690Z","id":"6aeSzDm08hT0z37TLPjuqg","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:28.640638Z"}],"log":[{"timestamp":"2023-02-27T15:37:26.977267Z","key":"market","explanation":"Citizens of Canada.","new_value":"also","type":"set","previous_value":"development","user":"user"},{"timestamp":"2023-02-18T22:36:31.977289Z","key":"transition","explanation":"An Act or a provision of an Act in respect of which a declaration made under this section is in effect shall have such operation as it would have but for the provision of this Charter referred to in the declaration.","new_value":"from","type":"removed","previous_value":"this","user":"admin"},{"timestamp":"2023-02-25T18:44:44.977309Z","key":"environment","explanation":"Whose first language learned and still understood is that of the English or French linguistic minority population of the province in which they reside, or.","new_value":"assist","type":"set","previous_value":"product","user":"admin"},{"timestamp":"2023-02-11T03:01:16.977328Z","key":"feedback","explanation":"Every citizen of Canada and every person who has the status of a permanent resident of Canada has the right.","new_value":"the","type":"removed","previous_value":"survey","user":"user"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2gFA2NvZEJFopjlzdoLsvu\\", \\"timestamp\\": \\"2023-03-10T14:55:03.812342Z\\", \\"modified\\": \\"2023-03-10T14:55:03.812379Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:03.900262Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"141BDHaqBUj84GIx4k83Cb\\", \\"timestamp\\": \\"2023-03-10T14:55:43.164919Z\\", \\"modified\\": \\"2023-03-10T14:55:43.164999Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:43.243648Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5Lt19zaACOOmqzM6XQZ9M9\\", \\"timestamp\\": \\"2023-03-10T15:11:48.815665Z\\", \\"modified\\": \\"2023-03-10T15:11:48.815706Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:48.924420Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4ML1vXZFrdIvlOBPWBcRRV\\", \\"timestamp\\": \\"2023-03-10T15:12:34.764582Z\\", \\"modified\\": \\"2023-03-10T15:12:34.764619Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:34.832939Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3aaRQqCFbLZqGQDV3dunWl\\", \\"timestamp\\": \\"2023-03-10T15:13:05.281439Z\\", \\"modified\\": \\"2023-03-10T15:13:05.281511Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:05.356771Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1EMvpazOKh7rpeIVEDjYOp\\", \\"timestamp\\": \\"2023-03-10T15:13:28.898259Z\\", \\"modified\\": \\"2023-03-10T15:13:28.898297Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:28.973530Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2Rw6tkqUa4cxjy5OkOObts\\", \\"timestamp\\": \\"2023-03-10T15:14:24.257229Z\\", \\"modified\\": \\"2023-03-10T15:14:24.257263Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:24.324474Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"e09Vs6QC4dLyEjFnmTDeN\\", \\"timestamp\\": \\"2023-03-10T15:14:50.889529Z\\", \\"modified\\": \\"2023-03-10T15:14:50.889576Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:50.958406Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5F7lcZHA2oPBXOqJiKpTSm\\", \\"timestamp\\": \\"2023-03-10T15:19:11.711640Z\\", \\"modified\\": \\"2023-03-10T15:19:11.711758Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:11.811234Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"16WaIRpDrKF4fbDnqTZXh8\\", \\"timestamp\\": \\"2023-03-10T15:20:04.585675Z\\", \\"modified\\": \\"2023-03-10T15:20:04.585719Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:04.689134Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4diwpbmti2AhwdbPIzysZG\\", \\"timestamp\\": \\"2023-03-10T15:21:42.777095Z\\", \\"modified\\": \\"2023-03-10T15:21:42.777140Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:42.860123Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"78A5uYMsTzC2K0ptLKmcZZ\\", \\"timestamp\\": \\"2023-03-10T15:23:16.755833Z\\", \\"modified\\": \\"2023-03-10T15:23:16.755876Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:23:16.853559Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2NJvXYEBZFgCAnQLxLCdhr\\", \\"timestamp\\": \\"2023-03-10T15:26:31.602261Z\\", \\"modified\\": \\"2023-03-10T15:26:31.602335Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:31.707428Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1nbV0oqINN2BD3pzFYGbZ\\", \\"timestamp\\": \\"2023-03-10T15:31:03.315826Z\\", \\"modified\\": \\"2023-03-10T15:31:03.315869Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:03.388006Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"VbnXK03eQ77fpovSOqQ1N\\", \\"timestamp\\": \\"2023-03-10T15:34:17.748625Z\\", \\"modified\\": \\"2023-03-10T15:34:17.748661Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:17.820567Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6aeSzDm08hT0z37TLPjuqg\\", \\"timestamp\\": \\"2023-03-10T15:40:28.640638Z\\", \\"modified\\": \\"2023-03-10T15:40:28.640690Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:28.732272Z"}],"retained":"commercial","monitored":"problems","reported":"testing","mitigated":"sizes","outline":{"threat":"0a56325c64eb25cb75bf69f38fefb09b-thing.baduser.org","target":"aedfd1812b03c589a16ec1cacf4d1dc2.gc.ca","indicators":["provide.lnk","selling.gif","across.pdf","cyber.xls","innovation_enhanced_complex.doc","commercial.ppt","more.ppt"],"summary":"A party or witness in any proceedings who does not understand or speak the language in which the proceedings are conducted or who is deaf has the right to the assistance of an interpreter."},"labels":{"assignments":["ADS4B","ACE1C","CCID1A","APA1B"],"generic":["Outlook","Documentation","Drive","Danger"]},"votes":{"benign":["with","supports","complex","Cyber"],"obscure":["promote"],"malicious":["cutting","private"]},"dossier":{"key_a":"edge","key_b":"Government","key_c":"98"}},"assemblyline":{"antivirus":[{"type":"provide","subtype":"companies","value":"learn","verdict":"info"},{"type":"Program","subtype":"One","value":"BCIP","verdict":"info"}],"attribution":[{"type":"certain","subtype":"country","value":"For","verdict":"malicious"}],"behaviour":[{"type":"tools","subtype":"vendors","value":"potential","verdict":"suspicious"},{"type":"Canada","subtype":"art","value":"Canada","verdict":"safe"},{"type":"website","subtype":"tools","value":"Innovation","verdict":"safe"}],"domain":[{"type":"supports","subtype":"are","value":"industry","verdict":"Build"},{"type":"new","subtype":"defence","value":"bringing","verdict":"Canada"},{"type":"constantly","subtype":"edge","value":"new","verdict":"emerging"},{"type":"visit","subtype":"examine","value":"collaborating","verdict":"an"}],"heuristic":[{"type":"Canada","subtype":"with","value":"marketplace","verdict":"suspicious"}],"mitre":{"tactic":[{"type":"Program","subtype":"programs","value":"key","verdict":"info"}],"technique":[{"type":"For","subtype":"government","value":"enhanced","verdict":"info"},{"type":"about","subtype":"Build","value":"commercial","verdict":"suspicious"}]},"uri":[{"type":"work","subtype":"order","value":"do","verdict":"constantly"},{"type":"emerging","subtype":"website","value":"assist","verdict":"emerging"},{"type":"Canada","subtype":"more","value":"them","verdict":"collaborating"}],"yara":[{"type":"about","subtype":"goods","value":"Government","verdict":"suspicious"},{"type":"helps","subtype":"visit","value":"Centre","verdict":"safe"},{"type":"to","subtype":"technical","value":"BCIP","verdict":"suspicious"}]},"agent":{"id":"constantly","name":"engaging_laboratory.gif","type":"The","version":"5.1.9"},"cbs":{"sharepoint":{"created":{"application":"website","user":"user"},"modified":{"application":"visit","user":"admin"}}},"cloud":{"account":{"id":"641g4p0WyxG4NbDydmUb53","name":"levels.lnk"},"availability_zone":"key","instance":{"id":"For","name":"constantly_to_open.lnk"},"machine":{"type":"companies"},"project":{"id":"open","name":"supports_country_the.pdf"},"provider":"stays","region":"also","service":{"name":"Google Docs"},"tenant_id":"48D4zExla17M9FxpZozsF1"},"container":{"id":"learn","image":{"hash":{"all":["government","state","are"]},"name":"certain_open_selling.xls","tag":["with","other","invite","evaluate"]},"labels":{"key_a":"partnerships","key_b":"about","key_c":"Build","key_d":"BCIP","key_e":"determine"},"name":"to.exe","runtime":"the"},"destination":{"address":"companies","bytes":451,"domain":"other.ca","geo":{"city_name":"to.jpg","continent_code":"government","continent_name":"assist.gif","country_iso_code":"determine","country_name":"build.pdf","location":{"lon":2700.24,"lat":2769.3},"name":"environment.pdf","postal_code":"an","region_iso_code":"feedback","region_name":"from_constantly.ppt","timezone":"us"},"ip":"129.181.141.161","mac":"7f:28:ce:5c:41:77","nat":{"ip":"103.36.247.202","port":2278},"packets":2936,"port":3571},"dns":{"answers":[{"class":"from","data":"companies","name":"program_provide_technology.lnk","ttl":2634,"type":"defence"},{"class":"supports","data":"technologies","name":"government.jpg","ttl":344,"type":"all"}],"header_flags":["an","defence"],"id":"from","op_code":"role","question":{"class":"private","name":"partners_helps_art.lnk","registered_domain":"by.com","subdomain":"examine.com","top_level_domain":"evaluate.ca","type":"tools"},"resolved_ip":["246.193.121.80","127.107.195.251","229.109.211.110","190.33.93.60"],"response_code":"in","type":"emerging"},"ecs":{"version":"8.3.7"},"error":{"code":"vendors","message":"invite"},"event":{"action":"learn","category":["email","authentication","iam","iam"],"code":"work","created":"2023-03-04T05:12:16.978097Z","dataset":"cutting","duration":3009,"end":"2023-02-21T01:37:47.978109Z","hash":"collaborating","id":"3UHUmEbLtPtx6QrnzUtQIO","ingested":"2023-02-23T20:22:52.978118Z","kind":"signal","module":"performs","original":"them","outcome":"unknown","provider":"CBS","reason":"certain","reference":"laboratory","risk_score":2431.48,"risk_score_norm":4065.45,"sequence":1283,"severity":1110,"start":"2023-02-27T06:42:28.978150Z","timezone":"product","type":["indicator"],"url":"experts"},"email":{"attachments":[{"file":{"extension":"Cyber","hash":{"md5":"1c4b86c75a2f946c8e55397724a3164f","sha1":"b96f4a62cd248296bb7ad23668eced3a71d77f75","sha256":"67b8e6b6c0135365f3e6cbca31b2e861bd480707348ef33358104e3cab7a6e6b","sha384":"9949d7d63c4c2eeafd81ef2d75511ef7147c12bfe8d9ae5fc399491c7ad9d8d8fa4d4f40c1c860250ba1802407456a55","sha512":"12207a4c493e1c6b15b7aff7e73cc760cc3428d7ac5d8ff53a048eb33a3d2ba6f6edc1426f11ea599070f8482bfb60a823ed58c711baaafe7c38957be6b19423","ssdeep":"50128:89QbQCOJJdpzvoayk6dHGGfaCmLc7:zpqbtL2qjARbkiaiMhivcFwGFApREQstuMjo9aDSCKLsLXmC9ok","tlsh":"stays"},"mime_type":"selling","name":"goods.exe","size":2192}},{"file":{"extension":"all","hash":{"md5":"31c88965f998b61001beb444e4fd842a","sha1":"db5246b387a97e38cefd33c62e7e24ae50b7f58d","sha256":"8f894d06a4c6b7bc6787f4e97c22895a68dffb6c3bac3270fdebe2ad4a8af30d","sha384":"b9ded12a6d9ca6e16e721afcc11ce5c7d2c656211af23d0efd20e7b1b7ff2be72a1732bf0dbab57e8c665be0885dd136","sha512":"5cd419272bf3b88f774a8253ebd655d1982a270bba3139bf16d82f916fb1740c00474079e2f046db1f3a19b31bb8f11f0ceddb7be75420e594ca113bc76156dd","ssdeep":"26777:UOT4vAm4PCuqKmHVaI7K4MGBEnN0uLu4qfScUrs37zzSVOUAsT:8LPibd0tvJkPRFxY2snJxseXgYFMh6NEyMNcCDt5mTHoeSjBil7MxKNhF8w7p4bA","tlsh":"To"},"mime_type":"Canada","name":"innovation_security_them.gif","size":1186}}],"bcc":{"address":"art@program.edu"},"cc":{"address":"experts@partnerships.ca"},"content_type":"with","delivery_timestamp":"2023-02-21T13:08:35.978571Z","direction":"Cyber","from":{"address":"collaborating@work.com"},"local_id":"CLtFc1y5jLkisx3z3s4VF","message_id":"64bzXVy0j7K6SNYp1WwQTM","origination_timestamp":"2023-03-06T15:44:40.978628Z","reply_to":{"address":"technology@complex.edu"},"sender":{"address":"cyber@services.com"},"subject":"To","to":{"address":"testing@examine.biz"},"x_mailer":"constantly","parent":{"bcc":{"address":"invite@is.edu"},"cc":{"address":"tools@technologies.biz"},"from":{"address":"visit@experts.biz"},"message_id":"2EDqTDVlwEEXCBai3d7XKh","origination_timestamp":"2023-03-05T22:57:56.978684Z","subject":"market","to":{"address":"canada@us.biz"},"source":"101.187.24.65","destination":"204.67.30.203"}},"faas":{"coldstart":true,"execution":"environment","id":"laboratory","name":"cyber_edge.gif","trigger":{"request_id":"1sCogjnsKcLpWHDMwr3O7x","type":"timer"},"version":"6.5.1"},"file":{"accessed":"2023-02-11T10:07:44.978759Z","attributes":["work","academia"],"created":"2023-02-04T04:56:40.978773Z","ctime":"2023-02-28T00:09:45.978777Z","device":"state","directory":"survey/support","drive_letter":"our","extension":"We","fork_name":"participating_this.pdf","gid":"Innovation","group":"ANALYSTS","inode":"sizes.com","mime_type":"role","mode":"learn","mtime":"2023-02-06T18:06:03.978817Z","name":"about.doc","owner":"determine","path":"constantly","size":3300,"target_path":"helps","type":"file","uid":"working","code_signature":{"digest_algorithm":"md5","exists":true,"signing_id":"1o4MWtA6SK1y9ftgTgKAGD","status":"Centre","subject_name":"selling_to.doc","team_id":"133n6tIxt6tMmg5cQ3ciiM","timestamp":"2023-02-08T00:02:54.978898Z","trusted":true,"valid":false},"elf":{"architecture":"environment","byte_order":"Cyber","cpu_type":"partnerships","creation_date":"stays","exports":["constantly","innovation","defence"],"header":{"abi_version":"7.3.0","class":"across","data":"survey","entrypoint":859,"object_version":"4.4.3","os_abi":"from","type":"in","version":"6.1.8"},"imports":["innovative","participating","The","certain"],"sections":[{"chi2":409,"entropy":1154,"flags":"experts","name":"of_sizes_marketplace.pdf","physical_offset":"an","physical_size":471,"type":"industry","virtual_address":1847,"virtual_size":3862},{"chi2":2354,"entropy":3297,"flags":"support","name":"complex_also_innovative.lnk","physical_offset":"invite","physical_size":1269,"type":"country","virtual_address":2326,"virtual_size":1418}],"segments":[{"chi2":3773,"entropy":472,"flags":"our","name":"is_to_across.pdf","physical_offset":"helps","physical_size":3971,"type":"bringing","virtual_address":2604,"virtual_size":935}],"shared_libraries":["companies"],"telfhash":"promote"},"hash":{"md5":"ffd4845bde2c36671b61d6bf89fa9b0b","sha1":"f6b5f53bf5546b3a21db91df3d93e63c7aea18c7","sha256":"e75380642716733561d85794591ab91d731423850aed8778e545a34f1c2cbdc3","sha384":"fe02769f55cfcece89b55fd00d3a149877cfd275c99f08e0df6b81c36179e829bee950ad6107240684f7d50664646ad7","sha512":"6efdb1acc2675dafe39e3dba7267c033a5f1aa75d155cf6f5164620f96a16e6fc82c20b3d89156a7a92ff9605c705c81e45641c691f2978c521b38e584d15cb2","ssdeep":"21700:5MeQ81PwVNS1QGgrocoShdv1BUyKMRRdLy6O:dLXr2jHCuv4tP2PJORYq8Ik2yA4v4iEyjfGuvwRgt8CnMYHptBkbA","tlsh":"examine"},"pe":{"architecture":"The","company":"transition","description":"to","file_version":"performs_innovation.jpg","imphash":"industry","original_file_name":"collaborating.doc","pehash":"our","product":"One"}},"group":{"domain":"authority.com","id":"goods","name":"transition_authority_marketplace.jpg"},"host":{"id":"services","ip":["98.235.247.64","55.166.248.103","194.236.182.107","104.206.108.242"],"mac":["AC9C10E610DC","4BA122E0C2FC","BE174B98D38B"],"name":"cyber.exe","domain":"innovation.edu","type":"marketplace"},"http":{"request":{"body":{"bytes":2447,"content":"working"},"bytes":1147,"id":"open","method":"feedback","mime_type":"One","referrer":"environment"},"response":{"body":{"bytes":556,"content":"technologies"},"bytes":2312,"mime_type":"For","status_code":3949},"version":"4.0.1"},"organization":{"id":"52","name":"OAG"},"process":{"args":["sizes","evaluate","role","transition"],"args_count":3615,"command_line":"emerging","end":"2023-02-04T08:12:03.979430Z","entity_id":"3ck92JbSmuKjgzF8hckSut","env_vars":{"key_a":"website","key_b":"learn","key_c":"support","key_d":"levels","key_e":"us"},"executable":"cutting","exit_code":1350,"interactive":false,"name":"from.lnk","parent":[{"args":["helps"],"args_count":2435,"command_line":"sizes","end":"2023-03-06T22:01:51.979501Z","entity_id":"CvWanPSSezbBixKqlKtoO","env_vars":{"key_a":"To","key_b":"levels"},"executable":"selling","exit_code":3644,"interactive":false,"name":"programs_role_potential.exe","pid":2176,"same_as_process":false,"start":"2023-02-26T05:19:29.979554Z","user":{"id":"do","name":"by_support.doc"}}],"pid":1506,"same_as_process":false,"start":"2023-02-06T08:47:52.979575Z","title":"of","uptime":1920,"user":{"id":"new","name":"us_potential.gif"},"working_directory":"one/of/innovation"},"registry":{"data":{"bytes":"learn","strings":["environment","Government"],"type":"technical"},"hive":"to","key":"country","path":"examine","value":"of"},"related":{"hash":["innovation","open"],"hosts":["defence.edu"],"ip":["90.219.205.172"],"user":["admin"],"id":"order","uri":["https://emerging.edu/support/also/cutting/edge/environment","https://the.com/key/with/state/market/are","https://new.biz/evaluate/participating/provide/the","http://technologies.com/levels/of/to/Program"],"signature":["emerging","problems"]},"server":{"ip":"36.134.134.141","address":"complex","domain":"evaluate.edu"},"source":{"address":"Centre","bytes":1255,"domain":"programs.ca","geo":{"city_name":"promote.pdf","continent_code":"on","continent_name":"innovations_defence.ppt","country_iso_code":"do","country_name":"innovations_state.gif","location":{"lon":2701.26,"lat":2062.91},"name":"supports_engaging_selling.xls","postal_code":"learn","region_iso_code":"The","region_name":"sizes.xls","timezone":"about"},"ip":"172.205.219.89","mac":"3e:2b:0b:03:1b:ac","nat":{"ip":"218.133.14.93","port":1562},"packets":3072,"port":3786},"threat":{"feed":{"dashboard_id":"7Bvjy08rNgzthpGIVSGet","description":"across","name":"participating_partners.jpg","reference":"partnerships"},"framework":"MITRE ATT&CK","group":{"alias":["on","evaluate"],"id":"engaging","name":"is_for.jpg","reference":"innovative"},"indicator":{"confidence":"working","description":"Everyone has the following fundamental freedoms.","email":{"address":"laboratory"},"provider":"Build","reference":"state","scanner_stats":1976,"sightings":1221,"ip":"84.108.27.6","type":"this","first_seen":"2023-02-22T18:21:47.979934Z","last_seen":"2023-02-08T21:30:54.979944Z"},"software":{"alias":["about"],"id":"across","name":"enhanced_supports.doc","platform":["environment","on","performs","provide"],"reference":"new","type":"problems"},"tactic":{"id":"TA0002","name":"Execution","reference":"our"},"technique":{"id":"T1218","name":"System Binary Proxy Execution","reference":"Innovation"}},"tls":{"version":"7.0.0","version_protocol":"7.2.4","client":{"server_name":"country.gif","ja3":"supports"},"server":{"ja3s":"open"}},"url":{"domain":"an.edu","extension":"state","fragment":"their","full":"invite","original":"participating","password":"tools","path":"their","port":713,"query":"Program","registered_domain":"edge.com","scheme":"support","subdomain":"certain.biz","top_level_domain":"feedback.com","username":"admin"},"user":{"domain":"problems.edu","email":"support@for.ca","full_name":"do.gif","group":{"domain":"about.ca","id":"Centre","name":"partners_for.xls"},"hash":"experts","id":"open","name":"marketplace","roles":["all","vendors"]},"user_agent":{"device":{"name":"technology_new.exe"},"name":"work_about.gif","original":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.46","os":{"family":"constantly","full":"potential","kernel":"of","name":"order.pdf","platform":"supports","type":"are","version":"5.4.1"},"version":"4.0.8"},"vulnerability":{"category":["partnerships","cutting","To"],"classification":"engaging","description":"One","enumeration":"support","id":"them","reference":"provide","report_id":"7bb8mNz0yuRsCUgYB9cI7Q"}},"6wH7UeVWlJV99u0e5KWrbr":{"timestamp":"2023-02-23T11:58:35.800486Z","labels":{"key_a":"participating","key_b":"all","key_c":"provide","key_d":"To","key_e":"to"},"tags":["are","bringing"],"howler":{"id":"6wH7UeVWlJV99u0e5KWrbr","analytic":"HERETIC","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Lateral Movement","hash":"da2bb7f4c12c72a015868ca5eea5f1a5063cf18c6a0845412b92762077354bc2","related":["evaluate","of","transition"],"reliability":1690.74,"severity":1971.16,"volume":1957.2,"confidence":3637.11,"score":1236.09,"status":"open","scrutiny":"surveyed","escalation":"alert","assessment":null,"comment":[{"id":"IzVhflOXAxAiP97CNs5fx","timestamp":"2023-02-19T10:21:04.800667Z","modified":"2023-02-20T07:30:28.800673Z","value":"Freedom of association.","user":"shawnh"},{"id":"4U24FPWj1XLyIiqpOk5gKu","timestamp":"2023-02-09T17:36:59.800700Z","modified":"2023-02-22T10:11:36.800704Z","value":"Advancement of status and use.","user":"shawnh"},{"modified":"2023-03-10T14:55:04.183306Z","id":"54A6D6F1lvqpwTn2luMZnQ","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:04.183257Z"},{"modified":"2023-03-10T14:55:43.501041Z","id":"71au8K6P8GtMdLRZYWfXF7","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:43.500828Z"},{"modified":"2023-03-10T15:11:49.163696Z","id":"6jPVXa72W8tQDnt0cAqB96","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:49.163657Z"},{"modified":"2023-03-10T15:12:35.068938Z","id":"59GqdByp5oibLlu67hIZsh","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:35.068879Z"},{"modified":"2023-03-10T15:13:05.582421Z","id":"4NeL1YgILG2unvUlny5jc","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:05.582387Z"},{"modified":"2023-03-10T15:13:29.197656Z","id":"4gWaatOJv7h1dIDFd5752S","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:29.197620Z"},{"modified":"2023-03-10T15:14:24.558937Z","id":"5egOwGla4qA1iovb9KBmp7","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:24.558879Z"},{"modified":"2023-03-10T15:14:51.204187Z","id":"6c5xO1BYZcNlmH8FUG1YKa","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:51.204150Z"},{"modified":"2023-03-10T15:19:12.074324Z","id":"6mvgx9VmvkFnGlAuZzFpL0","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:12.074270Z"},{"modified":"2023-03-10T15:20:04.971465Z","id":"E33uZBa17q3tN4lBseXjI","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:04.971409Z"},{"modified":"2023-03-10T15:21:43.112272Z","id":"4s9JoHAz2rOmxwclbLvVdC","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:43.112217Z"},{"modified":"2023-03-10T15:23:17.127496Z","id":"4PCcI3qTXg2VPGZ3zzQJXo","value":"test","user":"shawnh","timestamp":"2023-03-10T15:23:17.127440Z"},{"modified":"2023-03-10T15:26:31.983543Z","id":"35jBansH4ffv2xCA8ZWaWl","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:31.983489Z"},{"modified":"2023-03-10T15:31:03.604855Z","id":"pcexyptvcGdlx7VkjctdG","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:03.604818Z"},{"modified":"2023-03-10T15:34:18.065178Z","id":"DGJ8OxlTWqcXZk0f6kvzh","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:18.065125Z"},{"modified":"2023-03-10T15:40:28.984356Z","id":"7kunPl0oUbxwQLPK5tMyEX","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:28.984303Z"}],"log":[{"timestamp":"2023-02-15T13:40:31.800714Z","key":"our","explanation":"Subsections and do not preclude any law, program or activity that has as its object the amelioration in a province of conditions of individuals in that province who are socially or economically disadvantaged if the rate of employment in that province is below the rate of employment in Canada.","new_value":"security","type":"set","previous_value":"transition","user":"admin"},{"timestamp":"2023-03-02T10:02:26.800733Z","key":"are","explanation":"Nothing in sections 16 to 20 abrogates or derogates from any right, privilege or obligation with respect to the English and French languages, or either of them, that exists or is continued by virtue of any other provision of the Constitution of Canada.","new_value":"this","type":"appended","previous_value":"The","user":"user"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"54A6D6F1lvqpwTn2luMZnQ\\", \\"timestamp\\": \\"2023-03-10T14:55:04.183257Z\\", \\"modified\\": \\"2023-03-10T14:55:04.183306Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:04.277040Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"71au8K6P8GtMdLRZYWfXF7\\", \\"timestamp\\": \\"2023-03-10T14:55:43.500828Z\\", \\"modified\\": \\"2023-03-10T14:55:43.501041Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:43.605330Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6jPVXa72W8tQDnt0cAqB96\\", \\"timestamp\\": \\"2023-03-10T15:11:49.163657Z\\", \\"modified\\": \\"2023-03-10T15:11:49.163696Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:49.234923Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"59GqdByp5oibLlu67hIZsh\\", \\"timestamp\\": \\"2023-03-10T15:12:35.068879Z\\", \\"modified\\": \\"2023-03-10T15:12:35.068938Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:35.148008Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4NeL1YgILG2unvUlny5jc\\", \\"timestamp\\": \\"2023-03-10T15:13:05.582387Z\\", \\"modified\\": \\"2023-03-10T15:13:05.582421Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:05.658625Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4gWaatOJv7h1dIDFd5752S\\", \\"timestamp\\": \\"2023-03-10T15:13:29.197620Z\\", \\"modified\\": \\"2023-03-10T15:13:29.197656Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:29.276131Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5egOwGla4qA1iovb9KBmp7\\", \\"timestamp\\": \\"2023-03-10T15:14:24.558879Z\\", \\"modified\\": \\"2023-03-10T15:14:24.558937Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:24.630870Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6c5xO1BYZcNlmH8FUG1YKa\\", \\"timestamp\\": \\"2023-03-10T15:14:51.204150Z\\", \\"modified\\": \\"2023-03-10T15:14:51.204187Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:51.277850Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6mvgx9VmvkFnGlAuZzFpL0\\", \\"timestamp\\": \\"2023-03-10T15:19:12.074270Z\\", \\"modified\\": \\"2023-03-10T15:19:12.074324Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:12.162019Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"E33uZBa17q3tN4lBseXjI\\", \\"timestamp\\": \\"2023-03-10T15:20:04.971409Z\\", \\"modified\\": \\"2023-03-10T15:20:04.971465Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:05.058807Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4s9JoHAz2rOmxwclbLvVdC\\", \\"timestamp\\": \\"2023-03-10T15:21:43.112217Z\\", \\"modified\\": \\"2023-03-10T15:21:43.112272Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:43.198899Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4PCcI3qTXg2VPGZ3zzQJXo\\", \\"timestamp\\": \\"2023-03-10T15:23:17.127440Z\\", \\"modified\\": \\"2023-03-10T15:23:17.127496Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:23:17.225479Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"35jBansH4ffv2xCA8ZWaWl\\", \\"timestamp\\": \\"2023-03-10T15:26:31.983489Z\\", \\"modified\\": \\"2023-03-10T15:26:31.983543Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:32.062092Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"pcexyptvcGdlx7VkjctdG\\", \\"timestamp\\": \\"2023-03-10T15:31:03.604818Z\\", \\"modified\\": \\"2023-03-10T15:31:03.604855Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:03.674461Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"DGJ8OxlTWqcXZk0f6kvzh\\", \\"timestamp\\": \\"2023-03-10T15:34:18.065125Z\\", \\"modified\\": \\"2023-03-10T15:34:18.065178Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:18.178542Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7kunPl0oUbxwQLPK5tMyEX\\", \\"timestamp\\": \\"2023-03-10T15:40:28.984303Z\\", \\"modified\\": \\"2023-03-10T15:40:28.984356Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:29.064024Z"}],"retained":"provide","monitored":"helps","reported":"partners","mitigated":"partnerships","outline":{"threat":"45.128.104.144","target":"transition.edu","indicators":["country_working_open.lnk","evaluate.ppt"],"summary":"Any member of the public in New Brunswick has the right to communicate with, and to receive available services from, any office of an institution of the legislature or government of New Brunswick in English or French."},"labels":{"assignments":["APA2B","ADS2A"],"generic":["Documentation"]},"votes":{"benign":["but","For"],"obscure":["To","country","visit","role"],"malicious":["We"]},"dossier":{"key_a":"market"}},"assemblyline":{"antivirus":[{"type":"feedback","subtype":"also","value":"role","verdict":"info"},{"type":"development","subtype":"more","value":"technologies","verdict":"safe"},{"type":"companies","subtype":"us","value":"tools","verdict":"suspicious"},{"type":"private","subtype":"We","value":"but","verdict":"suspicious"}],"attribution":[{"type":"To","subtype":"cyber","value":"across","verdict":"malicious"},{"type":"product","subtype":"cyber","value":"helps","verdict":"malicious"},{"type":"marketplace","subtype":"us","value":"all","verdict":"info"}],"behaviour":[{"type":"from","subtype":"their","value":"One","verdict":"malicious"},{"type":"are","subtype":"environment","value":"tools","verdict":"malicious"},{"type":"emerging","subtype":"companies","value":"Build","verdict":"info"}],"domain":[{"type":"partnerships","subtype":"participating","value":"tools","verdict":"Program"}],"heuristic":[{"type":"but","subtype":"vendors","value":"levels","verdict":"suspicious"}],"mitre":{"tactic":[{"type":"companies","subtype":"Government","value":"levels","verdict":"suspicious"},{"type":"cyber","subtype":"technologies","value":"authority","verdict":"suspicious"}],"technique":[{"type":"testing","subtype":"commercial","value":"tools","verdict":"info"},{"type":"work","subtype":"Canadian","value":"commercial","verdict":"info"},{"type":"all","subtype":"helps","value":"the","verdict":"safe"}]},"uri":[{"type":"feedback","subtype":"To","value":"market","verdict":"helps"},{"type":"experts","subtype":"collaborating","value":"Cyber","verdict":"We"}],"yara":[{"type":"cyber","subtype":"Canada","value":"evaluate","verdict":"safe"},{"type":"Centre","subtype":"authority","value":"goods","verdict":"malicious"},{"type":"government","subtype":"marketplace","value":"but","verdict":"malicious"}]},"agent":{"id":"problems","name":"sizes_in.ppt","type":"open","version":"6.0.6"},"cbs":{"sharepoint":{"created":{"application":"provide","user":"admin"},"modified":{"application":"the","user":"admin"}}},"cloud":{"account":{"id":"1YH6oghLjeaWzQBZ5nXgBs","name":"private.ppt"},"availability_zone":"working","instance":{"id":"new","name":"other_of.pdf"},"machine":{"type":"laboratory"},"project":{"id":"Government","name":"cyber_this.doc"},"provider":"Canada","region":"edge","service":{"name":"Google Docs"},"tenant_id":"2gN1nzBSitKdNwXGa0IbVH"},"container":{"id":"other","image":{"hash":{"all":["work","them"]},"name":"program_art_testing.lnk","tag":["industry","do","technology","across"]},"labels":{"key_a":"government"},"name":"industry.doc","runtime":"state"},"destination":{"address":"selling","bytes":167,"domain":"open.biz","geo":{"city_name":"participating_also_selling.pdf","continent_code":"are","continent_name":"canada_more_their.ppt","country_iso_code":"with","country_name":"the_constantly.lnk","location":{"lon":921.67,"lat":3170},"name":"state.gif","postal_code":"security","region_iso_code":"environment","region_name":"experts.xls","timezone":"order"},"ip":"31.14.31.26","mac":"74:e8:43:bf:c8:98","nat":{"ip":"126.136.113.238","port":2115},"packets":184,"port":2559},"dns":{"answers":[{"class":"our","data":"goods","name":"provide.lnk","ttl":520,"type":"innovation"},{"class":"performs","data":"provide","name":"laboratory.ppt","ttl":3902,"type":"stays"},{"class":"tools","data":"also","name":"innovation.ppt","ttl":1386,"type":"vendors"},{"class":"improve","data":"authority","name":"emerging_state.doc","ttl":1516,"type":"an"}],"header_flags":["state","participating","partners"],"id":"technologies","op_code":"in","question":{"class":"order","name":"complex_innovative_role.ppt","registered_domain":"transition.edu","subdomain":"from.ca","top_level_domain":"government.edu","type":"bringing"},"resolved_ip":["5.179.56.87"],"response_code":"assist","type":"working"},"ecs":{"version":"5.1.7"},"error":{"code":"Innovation","message":"participating"},"event":{"action":"tools","category":["process","iam"],"code":"vendors","created":"2023-03-04T02:33:39.801401Z","dataset":"also","duration":3202,"end":"2023-02-16T07:11:00.801410Z","hash":"development","id":"6wH7UeVWlJV99u0e5KWrbr","ingested":"2023-02-21T02:46:33.801419Z","kind":"state","module":"Centre","original":"role","outcome":"unknown","provider":"HBS","reason":"do","reference":"BCIP","risk_score":3161.3,"risk_score_norm":1662.17,"sequence":2018,"severity":2843,"start":"2023-02-22T04:29:44.803690Z","timezone":"Program","type":["indicator","start","installation"],"url":"marketplace"},"email":{"attachments":[{"file":{"extension":"feedback","hash":{"md5":"9d7e1c4cff4a4735cf8ae6b418c327bc","sha1":"28d5c51633057494d769aa730c59476ab947d565","sha256":"87cf1ca8dbbf06915cea1a0cf2df0d6fd09c9408c6345efea806380712e5fb03","sha384":"9e049a11c15743ca87cebc4f03acfca00c997626274da4a04f99e20e88fb3e9d2f4c15114d6f8c69e96c187b0c0a8804","sha512":"6b2ac51cdba2c09a6e1881e3be37fb2df9c206c91b6d6e11ad3825551e3e0b6a5927656b8daa0d3ad0d79f5d328e239331321bcc55b7b6af8f6d4f7887e766a1","ssdeep":"8762:Fhx3tMzDDrNXCbxTXFCFiDlgnlsQ7rYauJZ97O:LiZbVp9L0RM16UIXTa7Czlq6imGDPaY5tBTS2","tlsh":"complex"},"mime_type":"transition","name":"cyber_learn_order.xls","size":421}},{"file":{"extension":"invite","hash":{"md5":"cd884950ac4e71aea68619e5d9cdd681","sha1":"c730a313bff6013bce5bae2337f5fd2abd8a7cb7","sha256":"04ae9fec05062446f45ab3e6aaaca02c05ade661d1f00ad8d51f65b364548269","sha384":"7ada1351024d17c0cf7902c61e7efb4761efe85ab6e54c1e3ce3bef422456b1122a06b507b813003571a2aa67f3ea84c","sha512":"4abffa122a17eef1d71e86337ddb845d31e2b1eb0fd436926e3325c60974b9e6aa5420af3346f4ff32de656d84a9123953ba80c9b6f346107ae6facddb34bdb0","ssdeep":"26516:pHJJ1bBdYeE1xe73P4TTljzVDtNFBlxJu4NmPCIPLPd3KprPJO9uqzm:1wcnPD8Un94IijJE10eueqMUdopQjGFtEpEgzxIYeAVNfn5ECJsIPnGNOCL3CQ","tlsh":"by"},"mime_type":"performs","name":"provide_certain.doc","size":345}},{"file":{"extension":"more","hash":{"md5":"43e4456136044372349ae2f7eccf4807","sha1":"1fafff29b5349aa62a6d4dcb73e7495c0d26955f","sha256":"2a1f4ac1ebece732910ad7a69c8d418f7d02a1c0b9b817b7b9dcc0f4c9185fd5","sha384":"3704b2ba4b7462e9b262892d400c3121f95a43da8db043cb226a1e1ca30349c84838a90e963a1d3d36346a25b8664474","sha512":"6503282597acdb3bd919ba96573ad3046516cc064d66aaa1bab5decfb45adf03d70e5e09585e6763d9a7437b71259faf5a66157e80f1094c071f9e41c2d63c97","ssdeep":"9545:ddU8wMCbrvjkPl8BbYeitxdPAKZt2Ngun9gxLYNoTLZP2ARqBEoz:5OoXmKQP2PDO8oq7xocKHrmfEX5eJevitgi7","tlsh":"examine"},"mime_type":"technical","name":"is_cyber_build.jpg","size":2180}},{"file":{"extension":"new","hash":{"md5":"2ffee2dde1ec9ba57a79fcfc07dfc7c6","sha1":"882f9d95f6a92b3288adb28e3007a832ed46f459","sha256":"1f4c270d4a85d92cc82b7ab49a93ffab0a6cdfc387ad711acd6e214beb563508","sha384":"ab1d70e7ea19d4e85fdd550a9e5469eea94ede7bfe5581872cac35a52bc026dac96a4a5da1fed0c6f9d815539b991301","sha512":"4adbd9c732a79a55460817041534d923cd5f9a15e485f8808affefb9ffac6057ebf7355688eaa4c688fdaa5cdfd75e22fe8c228a6f0a896c15596cc66e34b82b","ssdeep":"34285:KJdsbS8jzSg2p5a6yiI49qncJ7EK9nIbcfesrJmxqur0OrbhqTgUIn3YYSfphr:V0TcgB1mULAQgzZOFnJbnTcOuGSg8nvPJCXtDmZIkkzPi54OK0Qc2exzuc","tlsh":"One"},"mime_type":"this","name":"other.gif","size":2161}}],"bcc":{"address":"the@innovations.edu"},"cc":{"address":"marketplace@the.ca"},"content_type":"We","delivery_timestamp":"2023-02-20T20:44:39.804490Z","direction":"us","from":{"address":"is@program.com"},"local_id":"UQcozSniJrt3r97E29g3b","message_id":"5YMD0fMb5hi6nsBqvfJeKR","origination_timestamp":"2023-02-17T03:40:20.804548Z","reply_to":{"address":"partners@constantly.com"},"sender":{"address":"do@assist.ca"},"subject":"complex","to":{"address":"testing@enhanced.edu"},"x_mailer":"with","parent":{"bcc":{"address":"partnerships@across.ca"},"cc":{"address":"levels@laboratory.com"},"from":{"address":"also@enhanced.edu"},"message_id":"6UnZdMgQHusZoYB5ZpJ21f","origination_timestamp":"2023-02-06T00:37:07.804600Z","subject":"problems","to":{"address":"transition@their.com"},"source":"215.251.143.3","destination":"22.86.100.52"}},"faas":{"coldstart":false,"execution":"sizes","id":"the","name":"environment_open_services.lnk","trigger":{"request_id":"3glNdCqiU6bfChxO5agwom","type":"datasource"},"version":"8.4.7"},"file":{"accessed":"2023-02-23T21:07:20.804670Z","attributes":["potential","Canadian","helps"],"created":"2023-02-26T23:09:00.804684Z","ctime":"2023-02-14T18:35:16.804688Z","device":"academia","directory":"goods/art/engaging/enhanced/their/art","drive_letter":"technology","extension":"problems","fork_name":"our_determine.lnk","gid":"innovations","group":"ADMINS","inode":"their.com","mime_type":"partners","mode":"are","mtime":"2023-02-24T13:06:41.804726Z","name":"across_security_visit.gif","owner":"innovative","path":"provide","size":3096,"target_path":"are","type":"dir","uid":"more","code_signature":{"digest_algorithm":"sha512","exists":false,"signing_id":"57iXJRrNRXTiJevUGti8ay","status":"engaging","subject_name":"potential_about.gif","team_id":"6EPvQBqJ2Nqb1jEtqHULys","timestamp":"2023-02-21T00:10:10.804801Z","trusted":false,"valid":true},"elf":{"architecture":"this","byte_order":"Cyber","cpu_type":"determine","creation_date":"all","exports":["but","across","support","services"],"header":{"abi_version":"6.3.5","class":"from","data":"technologies","entrypoint":505,"object_version":"4.3.4","os_abi":"collaborating","type":"Program","version":"6.5.1"},"imports":["product","us","technologies"],"sections":[{"chi2":2512,"entropy":3087,"flags":"examine","name":"collaborating_order.ppt","physical_offset":"about","physical_size":2573,"type":"determine","virtual_address":3029,"virtual_size":2337},{"chi2":3861,"entropy":3115,"flags":"engaging","name":"provide_visit_also.ppt","physical_offset":"an","physical_size":918,"type":"security","virtual_address":3034,"virtual_size":1629},{"chi2":3915,"entropy":3044,"flags":"order","name":"to_more_edge.gif","physical_offset":"on","physical_size":3452,"type":"bringing","virtual_address":3108,"virtual_size":3694}],"segments":[{"chi2":2860,"entropy":951,"flags":"problems","name":"support_industry_other.pdf","physical_offset":"from","physical_size":1910,"type":"edge","virtual_address":3925,"virtual_size":752}],"shared_libraries":["Cyber","across","learn"],"telfhash":"certain"},"hash":{"md5":"0d78ccce9adfcd2a6ab230a1d8d1e189","sha1":"b982d5acbbab3de596cecf3377d8bf3259508f6f","sha256":"135340011cb39c9e5fb39ba4b25ef3781c91a3d9ada973ab78c9f94d7b9e98f5","sha384":"cc22faae2654fdeca7056ffb41e1e666555abbdef3ddbd7bb80939451d5842066048cc6186d602fd94c095760536bd29","sha512":"2df0eba7e172abe653e40ed84287970132dc94e3ee4310dc233e06c2fe46c64a39c204003275dcb8033aff9367ffac3b5b852212913078cfc2549342a491332c","ssdeep":"22310:D5Ae6TMQMGceszV6FEx8F0igJh2M:xCuHeU5BPJCuwR5fcPlwMNOeCK2v2JzHgfDUf1Pd66XVwCPjy4ColwuXy","tlsh":"To"},"pe":{"architecture":"security","company":"security","description":"industry","file_version":"for_helps.lnk","imphash":"engaging","original_file_name":"bcip.lnk","pehash":"more","product":"evaluate"}},"group":{"domain":"of.com","id":"improve","name":"helps.lnk"},"host":{"id":"website","ip":["91.67.107.97","192.188.168.37"],"mac":["3249C15B5F50","D10E2992CDA3","A101E48BE776"],"name":"government_innovative.doc","domain":"helps.biz","type":"innovations"},"http":{"request":{"body":{"bytes":142,"content":"Build"},"bytes":1152,"id":"on","method":"provide","mime_type":"academia","referrer":"state"},"response":{"body":{"bytes":2200,"content":"testing"},"bytes":977,"mime_type":"services","status_code":3687},"version":"5.1.4"},"organization":{"id":"165","name":"FCC"},"process":{"args":["examine","more"],"args_count":3779,"command_line":"tools","end":"2023-02-18T05:33:51.805254Z","entity_id":"1LohLxcgxac5UcCQGni7xM","env_vars":{"key_a":"invite","key_b":"programs","key_c":"bringing"},"executable":"innovations","exit_code":1641,"interactive":false,"name":"state_innovation.gif","parent":[{"args":["security","programs","on","academia"],"args_count":2663,"command_line":"of","end":"2023-02-04T11:00:28.805317Z","entity_id":"6ADVDU5vqcR1bWXKzu1kxp","env_vars":{"key_a":"Government","key_b":"to","key_c":"more","key_d":"new","key_e":"partners"},"executable":"edge","exit_code":3940,"interactive":false,"name":"in.doc","pid":2555,"same_as_process":true,"start":"2023-03-03T01:38:26.805366Z","user":{"id":"authority","name":"survey_role_from.jpg"}},{"args":["by","We","art"],"args_count":1359,"command_line":"Canada","end":"2023-02-17T20:09:55.805393Z","entity_id":"7CiSHJqSzvyfTmwtlaariL","env_vars":{"key_a":"For"},"executable":"do","exit_code":2119,"interactive":false,"name":"country_invite_key.lnk","pid":3062,"same_as_process":true,"start":"2023-02-09T14:17:49.805434Z","user":{"id":"learn","name":"cutting.lnk"}},{"args":["other","across"],"args_count":2078,"command_line":"Canada","end":"2023-02-21T08:17:55.805456Z","entity_id":"HnGGb5tL7cZHwtaCNPgAw","env_vars":{"key_a":"our","key_b":"role","key_c":"state","key_d":"BCIP","key_e":"stays"},"executable":"private","exit_code":2213,"interactive":true,"name":"from_constantly.jpg","pid":3812,"same_as_process":false,"start":"2023-02-12T18:07:21.805502Z","user":{"id":"art","name":"selling.lnk"}},{"args":["emerging","companies","from"],"args_count":1468,"command_line":"government","end":"2023-03-08T08:36:56.805526Z","entity_id":"7gbPct5VCETdU4omPTcNAd","env_vars":{"key_a":"collaborating"},"executable":"Canada","exit_code":2367,"interactive":true,"name":"partnerships_cyber_partnerships.lnk","pid":3736,"same_as_process":true,"start":"2023-02-12T19:42:21.805566Z","user":{"id":"partnerships","name":"commercial_emerging.xls"}}],"pid":176,"same_as_process":false,"start":"2023-02-15T13:47:12.805581Z","title":"more","uptime":811,"user":{"id":"private","name":"us_security_we.jpg"},"working_directory":"problems/technical/also/industry/constantly/from"},"registry":{"data":{"bytes":"innovative","strings":["innovative","services"],"type":"across"},"hive":"supports","key":"companies","path":"levels","value":"feedback"},"related":{"hash":["more","bringing"],"hosts":["their.biz"],"ip":["34.133.27.248","2.152.36.241"],"user":["user","admin"],"id":"sizes","uri":["ftp://sizes.com/laboratory/experts/authority/provide","https://centre.biz/by/marketplace/Canada","ftp://government.com/product/improve/enhanced/an"],"signature":["of","survey"]},"server":{"ip":"52.222.14.47","address":"selling","domain":"one.edu"},"source":{"address":"private","bytes":2362,"domain":"cyber.biz","geo":{"city_name":"open_certain.exe","continent_code":"stays","continent_name":"in_technical.pdf","country_iso_code":"tools","country_name":"we_of_key.gif","location":{"lon":571.34,"lat":1871.45},"name":"we_program.ppt","postal_code":"our","region_iso_code":"survey","region_name":"centre.doc","timezone":"engaging"},"ip":"89.253.132.254","mac":"41:fd:4d:05:34:35","nat":{"ip":"105.33.250.129","port":2653},"packets":2238,"port":151},"threat":{"feed":{"dashboard_id":"730imcUomMzQQjAeA2j10E","description":"companies","name":"testing.jpg","reference":"determine"},"framework":"MITRE ATT&CK","group":{"alias":["stays"],"id":"support","name":"determine_security.jpg","reference":"country"},"indicator":{"confidence":"do","description":"Continuation in special circumstances.","email":{"address":"enhanced"},"provider":"improve","reference":"enhanced","scanner_stats":2594,"sightings":2195,"ip":"163.108.125.236","type":"BCIP","first_seen":"2023-02-15T22:50:07.805849Z","last_seen":"2023-02-20T06:33:37.805853Z"},"software":{"alias":["technology","industry","helps"],"id":"sizes","name":"this.jpg","platform":["problems","provide"],"reference":"do","type":"working"},"tactic":{"id":"TA0008","name":"Lateral Movement","reference":"supports"},"technique":{"id":"T1566","name":"Phishing","reference":"emerging"}},"tls":{"version":"4.2.9","version_protocol":"8.3.4","client":{"server_name":"development_learn.ppt","ja3":"us"},"server":{"ja3s":"goods"}},"url":{"domain":"partnerships.biz","extension":"survey","fragment":"examine","full":"us","original":"invite","password":"Build","path":"promote","port":2305,"query":"are","registered_domain":"their.ca","scheme":"defence","subdomain":"bcip.edu","top_level_domain":"defence.com","username":"user"},"user":{"domain":"canadian.edu","email":"on@constantly.biz","full_name":"enhanced.ppt","group":{"domain":"learn.ca","id":"levels","name":"edge.jpg"},"hash":"enhanced","id":"about","name":"problems","roles":["their","partners","determine"]},"user_agent":{"device":{"name":"edge.ppt"},"name":"work.gif","original":"Mozilla/5.0 (Linux; Android 10; SM-G980F Build/QP1A.190711.020; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/78.0.3904.96 Mobile Safari/537.36","os":{"family":"open","full":"technologies","kernel":"collaborating","name":"survey_cyber_transition.pdf","platform":"For","type":"evaluate","version":"5.0.3"},"version":"6.0.1"},"vulnerability":{"category":["country","goods"],"classification":"about","description":"Canada","enumeration":"complex","id":"website","reference":"To","report_id":"6U0q1Wno4MPZJeWbagGNan"}},"7R8k7U5tdf98JtvhMyJ3Fv":{"timestamp":"2023-02-05T06:43:15.085015Z","labels":{"key_a":"examine","key_b":"tools"},"tags":["evaluate","survey","to"],"howler":{"id":"7R8k7U5tdf98JtvhMyJ3Fv","analytic":"AssemblyLine","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Credential Access","hash":"bf05c09eeab19abc0f3fddb44f5cea6faf5a98bca542031a0e33dc3e0cd7e930","related":["also","provide"],"reliability":1635.75,"severity":3899.63,"volume":2644.96,"confidence":1959.28,"score":2927.11,"status":"open","scrutiny":"inspected","escalation":"hit","assessment":null,"comment":[{"id":"4cTl7UEoN8xs0GoW5fLlc3","timestamp":"2023-02-24T16:43:12.085188Z","modified":"2023-03-03T09:12:22.085193Z","value":"Citizens of Canada.","user":"user"},{"id":"3Xbi41pnpkMqrfGm7oIWiV","timestamp":"2023-02-07T21:41:26.085221Z","modified":"2023-02-15T01:58:29.085225Z","value":"Legal Rights.","user":"shawnh"},{"modified":"2023-03-10T14:55:04.532371Z","id":"178qvIG87iPDgzWnp6e4qb","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:04.532328Z"},{"modified":"2023-03-10T14:55:43.869659Z","id":"68zVsSWVb1py7beY4IAvhr","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:43.869589Z"},{"modified":"2023-03-10T15:11:49.462514Z","id":"2iEBLE917H03DgqF1JYyN7","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:49.462467Z"},{"modified":"2023-03-10T15:12:35.386657Z","id":"7DfUyAgygJUWjvdfbpQY7W","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:35.386592Z"},{"modified":"2023-03-10T15:13:05.883882Z","id":"1uPbbVwdn7qSkvHIcfKTSo","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:05.883835Z"},{"modified":"2023-03-10T15:13:29.498548Z","id":"5eV1emV5mNJw4i9IYdzoLU","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:29.498513Z"},{"modified":"2023-03-10T15:14:24.849780Z","id":"eeSr8wgaB1hNRhfNK4bcR","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:24.849725Z"},{"modified":"2023-03-10T15:14:51.513063Z","id":"3PABiR3qFm3y0BiwXx6k43","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:51.513021Z"},{"modified":"2023-03-10T15:19:12.422456Z","id":"7bz2LXv3gxgsxqJQnDEx9C","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:12.422379Z"},{"modified":"2023-03-10T15:20:05.327966Z","id":"3FjJmCVvjCfXm0lSyJpDOE","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:05.327907Z"},{"modified":"2023-03-10T15:21:43.453963Z","id":"3YWWmLgGlg9Fj3J0sTalfE","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:43.453916Z"},{"modified":"2023-03-10T15:23:17.492931Z","id":"64huufBbpwr57XPCYg4ewX","value":"test","user":"shawnh","timestamp":"2023-03-10T15:23:17.492879Z"},{"modified":"2023-03-10T15:26:32.287524Z","id":"71qaHLwlqIDROHXyRU7OXj","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:32.287479Z"},{"modified":"2023-03-10T15:31:03.916212Z","id":"7E6VE7P6tMbyQiBdqrbYCH","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:03.916171Z"},{"modified":"2023-03-10T15:34:18.446926Z","id":"1vGzGPvslRvAltvTv7WuAu","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:18.446873Z"},{"modified":"2023-03-10T15:40:29.298375Z","id":"1QdL0w3t3Bn8r2gTYE7IBB","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:29.298338Z"}],"log":[{"timestamp":"2023-02-26T03:12:16.085234Z","key":"innovative","explanation":"Fundamental freedoms.","new_value":"tools","type":"appended","previous_value":"product","user":"admin"},{"timestamp":"2023-02-05T17:51:47.085254Z","key":"across","explanation":"Not to be compelled to be a witness in proceedings against that person in respect of the offence.","new_value":"work","type":"removed","previous_value":"One","user":"user"},{"timestamp":"2023-03-05T20:22:50.085271Z","key":"services","explanation":"Continuity of language instruction.","new_value":"technologies","type":"removed","previous_value":"survey","user":"admin"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"178qvIG87iPDgzWnp6e4qb\\", \\"timestamp\\": \\"2023-03-10T14:55:04.532328Z\\", \\"modified\\": \\"2023-03-10T14:55:04.532371Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:04.613765Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"68zVsSWVb1py7beY4IAvhr\\", \\"timestamp\\": \\"2023-03-10T14:55:43.869589Z\\", \\"modified\\": \\"2023-03-10T14:55:43.869659Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:43.977654Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2iEBLE917H03DgqF1JYyN7\\", \\"timestamp\\": \\"2023-03-10T15:11:49.462467Z\\", \\"modified\\": \\"2023-03-10T15:11:49.462514Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:49.538053Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7DfUyAgygJUWjvdfbpQY7W\\", \\"timestamp\\": \\"2023-03-10T15:12:35.386592Z\\", \\"modified\\": \\"2023-03-10T15:12:35.386657Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:35.473240Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1uPbbVwdn7qSkvHIcfKTSo\\", \\"timestamp\\": \\"2023-03-10T15:13:05.883835Z\\", \\"modified\\": \\"2023-03-10T15:13:05.883882Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:05.959093Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5eV1emV5mNJw4i9IYdzoLU\\", \\"timestamp\\": \\"2023-03-10T15:13:29.498513Z\\", \\"modified\\": \\"2023-03-10T15:13:29.498548Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:29.568053Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"eeSr8wgaB1hNRhfNK4bcR\\", \\"timestamp\\": \\"2023-03-10T15:14:24.849725Z\\", \\"modified\\": \\"2023-03-10T15:14:24.849780Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:24.939902Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3PABiR3qFm3y0BiwXx6k43\\", \\"timestamp\\": \\"2023-03-10T15:14:51.513021Z\\", \\"modified\\": \\"2023-03-10T15:14:51.513063Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:51.585505Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7bz2LXv3gxgsxqJQnDEx9C\\", \\"timestamp\\": \\"2023-03-10T15:19:12.422379Z\\", \\"modified\\": \\"2023-03-10T15:19:12.422456Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:12.561877Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3FjJmCVvjCfXm0lSyJpDOE\\", \\"timestamp\\": \\"2023-03-10T15:20:05.327907Z\\", \\"modified\\": \\"2023-03-10T15:20:05.327966Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:05.419620Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3YWWmLgGlg9Fj3J0sTalfE\\", \\"timestamp\\": \\"2023-03-10T15:21:43.453916Z\\", \\"modified\\": \\"2023-03-10T15:21:43.453963Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:43.540444Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"64huufBbpwr57XPCYg4ewX\\", \\"timestamp\\": \\"2023-03-10T15:23:17.492879Z\\", \\"modified\\": \\"2023-03-10T15:23:17.492931Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:23:17.585825Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"71qaHLwlqIDROHXyRU7OXj\\", \\"timestamp\\": \\"2023-03-10T15:26:32.287479Z\\", \\"modified\\": \\"2023-03-10T15:26:32.287524Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:32.368771Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7E6VE7P6tMbyQiBdqrbYCH\\", \\"timestamp\\": \\"2023-03-10T15:31:03.916171Z\\", \\"modified\\": \\"2023-03-10T15:31:03.916212Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:04.007574Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1vGzGPvslRvAltvTv7WuAu\\", \\"timestamp\\": \\"2023-03-10T15:34:18.446873Z\\", \\"modified\\": \\"2023-03-10T15:34:18.446926Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:18.555272Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1QdL0w3t3Bn8r2gTYE7IBB\\", \\"timestamp\\": \\"2023-03-10T15:40:29.298338Z\\", \\"modified\\": \\"2023-03-10T15:40:29.298375Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:29.374269Z"}],"retained":"Centre","monitored":"authority","reported":"enhanced","mitigated":"assist","outline":{"threat":"66.234.251.72","target":"cyber.biz","indicators":["innovation_goods.exe","more_canadian.ppt","but_from.gif","state_enhanced_with.ppt","country_improve_assist.jpg","program_from.lnk","with.exe","partners.gif","open.gif","academia_us.ppt","enhanced_industry.exe","stays.ppt","open.doc","defence_cyber.gif","bringing.jpg","complex_build_partnerships.jpg","product_on_role.xls","about.xls","the_development_provide.ppt","security_key.ppt"],"summary":"To the Parliament and government of Canada in respect of all matters within the authority of Parliament including all matters relating to the Yukon Territory and Northwest Territories."},"labels":{"assignments":["ADS4B","ADS2A"],"generic":["Danger","Drive","Super Teams"]},"votes":{"benign":["marketplace","product","Canadian","transition"],"obscure":["industry"],"malicious":["goods"]},"dossier":{"key_a":"[\\"certain\\", \\"assist\\"]","key_b":"[\\"laboratory\\", \\"us\\"]","key_c":"32","key_d":"bringing"}},"assemblyline":{"antivirus":[{"type":"is","subtype":"this","value":"authority","verdict":"safe"},{"type":"transition","subtype":"supports","value":"our","verdict":"malicious"}],"attribution":[{"type":"market","subtype":"levels","value":"bringing","verdict":"suspicious"}],"behaviour":[{"type":"us","subtype":"constantly","value":"defence","verdict":"suspicious"}],"domain":[{"type":"this","subtype":"To","value":"state","verdict":"visit"}],"heuristic":[{"type":"partnerships","subtype":"Government","value":"work","verdict":"safe"}],"mitre":{"tactic":[{"type":"One","subtype":"innovation","value":"country","verdict":"suspicious"},{"type":"technologies","subtype":"private","value":"of","verdict":"safe"}],"technique":[{"type":"certain","subtype":"across","value":"an","verdict":"info"}]},"uri":[{"type":"the","subtype":"constantly","value":"assist","verdict":"by"},{"type":"experts","subtype":"commercial","value":"Government","verdict":"to"},{"type":"innovation","subtype":"enhanced","value":"also","verdict":"about"}],"yara":[{"type":"market","subtype":"marketplace","value":"authority","verdict":"malicious"},{"type":"from","subtype":"Canadian","value":"key","verdict":"info"},{"type":"working","subtype":"environment","value":"stays","verdict":"info"},{"type":"security","subtype":"us","value":"improve","verdict":"info"}]},"agent":{"id":"key","name":"supports_more_supports.pdf","type":"complex","version":"6.3.2"},"cbs":{"sharepoint":{"created":{"application":"work","user":"user"},"modified":{"application":"an","user":"user"}}},"cloud":{"account":{"id":"7MlnNyuNliVMEuK6qKkG1H","name":"role.doc"},"availability_zone":"all","instance":{"id":"Innovation","name":"sizes_promote_of.lnk"},"machine":{"type":"One"},"project":{"id":"us","name":"programs_of.pdf"},"provider":"role","region":"partnerships","service":{"name":"Office365"},"tenant_id":"4cRTm3QTCMWGe1CIzzWWN"},"container":{"id":"tools","image":{"hash":{"all":["Canada","to","from"]},"name":"promote_security_problems.doc","tag":["to","feedback","Build","on"]},"labels":{"key_a":"tools"},"name":"but_supports.lnk","runtime":"tools"},"destination":{"address":"problems","bytes":3447,"domain":"role.biz","geo":{"city_name":"program.pdf","continent_code":"bringing","continent_name":"determine_other.lnk","country_iso_code":"evaluate","country_name":"the.doc","location":{"lon":299.1,"lat":3055.46},"name":"provide_product_problems.ppt","postal_code":"Program","region_iso_code":"support","region_name":"private_companies.exe","timezone":"the"},"ip":"156.153.243.51","mac":"d1:53:c8:95:4f:24","nat":{"ip":"72.31.103.4","port":692},"packets":1781,"port":1424},"dns":{"answers":[{"class":"do","data":"but","name":"about_provide_are.xls","ttl":2882,"type":"edge"},{"class":"collaborating","data":"defence","name":"improve_learn.xls","ttl":934,"type":"technologies"},{"class":"vendors","data":"One","name":"provide.pdf","ttl":491,"type":"technologies"}],"header_flags":["working"],"id":"services","op_code":"country","question":{"class":"open","name":"development.doc","registered_domain":"vendors.biz","subdomain":"our.edu","top_level_domain":"work.ca","type":"improve"},"resolved_ip":["98.50.69.47","96.93.162.23","216.191.95.99","149.78.17.218"],"response_code":"complex","type":"art"},"ecs":{"version":"8.2.4"},"error":{"code":"performs","message":"this"},"event":{"action":"performs","category":["host","database","authentication","configuration"],"code":"innovations","created":"2023-03-03T16:43:13.085984Z","dataset":"order","duration":1714,"end":"2023-02-17T12:46:37.085997Z","hash":"For","id":"7R8k7U5tdf98JtvhMyJ3Fv","ingested":"2023-03-02T23:09:04.086005Z","kind":"signal","module":"all","original":"role","outcome":"unknown","provider":"NBS","reason":"participating","reference":"marketplace","risk_score":2890.88,"risk_score_norm":2456.35,"sequence":4076,"severity":2060,"start":"2023-02-26T06:06:18.086035Z","timezone":"experts","type":["error","creation","error"],"url":"To"},"email":{"attachments":[{"file":{"extension":"experts","hash":{"md5":"2d5c44718c52aba882a0d7c0897ad024","sha1":"dfd418f4932b8e2d01d59d66a896e6659c50cf12","sha256":"5d9bc7980890fd8ecbf3ed29a19e5ffbfecb9d56c82a03c033c45f84ff008629","sha384":"7350f8cb489a34e0d548572ca1ce5db42c5d6d23565ca3b842a4245dcbd0050331924bdad932b9a127c493dcd2d2afe7","sha512":"1db5822f5db8a51d5a3c3e2c749ea30fd51df095fb344e45fa9d7251fc8a012d8497db620b64df9435afc75476a5e36be583abed6e11957fd4c4caf5032472fc","ssdeep":"41723:wNgIgn71JPETGMAkbdkG1Jtn5gzeHQ3kwRhI0BjbcsDGiyemyQYj3yv5JRvm7wxR:yEI3Ad87Thl1JrmkdJkQDE","tlsh":"Build"},"mime_type":"assist","name":"in.exe","size":1878}},{"file":{"extension":"all","hash":{"md5":"5e5d098d01aa54c87ca267c4c1ab9460","sha1":"2a73fd8cd934d5741a3a62205ff1f690894b7248","sha256":"850587ac2596baaa876500030202f1b2ebc087da5cbe0e4ce13e990dfad3c82a","sha384":"85c1eedae41ac454db0c77e5c7ce42aa66864f9c09ab3f9701992b34f0abd9ff961a5efd251bc1cd11e249d3c2b0d4e2","sha512":"252b4335c65176b3d4e38f898ce820c1581b557c378ede909cd6500f4c61da7e67a0205ef64441d305962a4ee12aa187e94c8dbab523903a353393230518667a","ssdeep":"32701:14Oi7jNeOD999nPrPlwcgU7dwfp:bYI8FRNhTwqTa8d6O4SlHSh0vYilROijN7aGzEfpUnv7VFblyCK6IPaXsGK","tlsh":"about"},"mime_type":"market","name":"participating_partnerships_certain.gif","size":1153}},{"file":{"extension":"emerging","hash":{"md5":"d5f5c631b7d9e39d8dfea956b92be89b","sha1":"9659420fa810edc79e437f41dcaf91ef581bd38b","sha256":"e08b84eb92d83d2cc5ad1d4f771b35830e87242f5933645c58fba317f93f6082","sha384":"fc2df7e65704005c6e9f75ef751d294ed9c7c81ea8e31ef7b80798070d53c2c659828d283cb1f5d7da59d592a9c3b2a7","sha512":"426472823615aab09518e603ee0496a729fa4989531fac48f696dc1bf4ff1e062e48ee7f0ea3c213f878c77724773b60421e00e2255d3dd80c84665dff22ab71","ssdeep":"87528:KL3cb4v9szLjIhn7fZkQ8hII9hbHIwudKFqjlkGxSrd0BH4TvJnJP55Eh:tS5a2zxPhDH7Ny7ypeA1zGygRVSOPtrr","tlsh":"promote"},"mime_type":"emerging","name":"supports.lnk","size":3496}}],"bcc":{"address":"programs@survey.com"},"cc":{"address":"centre@one.ca"},"content_type":"innovative","delivery_timestamp":"2023-02-07T05:49:19.086604Z","direction":"technologies","from":{"address":"supports@technologies.ca"},"local_id":"56VEIDy5DUCXiU6KL5HTOO","message_id":"6Wd9YWx1z756aTCPWURZ2G","origination_timestamp":"2023-02-19T05:40:54.086663Z","reply_to":{"address":"them@environment.biz"},"sender":{"address":"product@provide.com"},"subject":"technologies","to":{"address":"constantly@technology.ca"},"x_mailer":"selling","parent":{"bcc":{"address":"technology@one.edu"},"cc":{"address":"enhanced@promote.com"},"from":{"address":"for@canada.ca"},"message_id":"dOBc9QsMtLG5YGVwBuMqF","origination_timestamp":"2023-02-18T06:01:04.086716Z","subject":"Centre","to":{"address":"testing@edge.ca"},"source":"168.174.73.108","destination":"125.181.248.246"}},"faas":{"coldstart":true,"execution":"innovations","id":"participating","name":"academia_the.pdf","trigger":{"request_id":"1dibzXuixqyFI3OniJPBVa","type":"http"},"version":"5.3.6"},"file":{"accessed":"2023-03-03T00:08:11.086811Z","attributes":["performs","partnerships"],"created":"2023-03-09T19:59:12.086827Z","ctime":"2023-03-05T09:00:17.086830Z","device":"Government","directory":"stays/sizes/transition","drive_letter":"in","extension":"Canadian","fork_name":"survey.doc","gid":"commercial","group":"ADMINS","inode":"working.biz","mime_type":"learn","mode":"an","mtime":"2023-03-08T04:35:53.086868Z","name":"cyber_in_security.pdf","owner":"Canadian","path":"key","size":2834,"target_path":"survey","type":"file","uid":"edge","code_signature":{"digest_algorithm":"sha384","exists":false,"signing_id":"2qs1pyoALeMaldaNdbNkeu","status":"BCIP","subject_name":"provide.ppt","team_id":"5UtVTVaWx8sZicuRB0Lbfv","timestamp":"2023-03-02T02:59:01.086963Z","trusted":false,"valid":true},"elf":{"architecture":"work","byte_order":"services","cpu_type":"new","creation_date":"across","exports":["goods"],"header":{"abi_version":"4.0.5","class":"development","data":"in","entrypoint":332,"object_version":"7.3.0","os_abi":"constantly","type":"innovation","version":"8.0.8"},"imports":["sizes","other"],"sections":[{"chi2":698,"entropy":1703,"flags":"Build","name":"provide_defence_our.doc","physical_offset":"new","physical_size":1444,"type":"companies","virtual_address":803,"virtual_size":3741},{"chi2":3106,"entropy":3180,"flags":"are","name":"enhanced_defence_private.pdf","physical_offset":"improve","physical_size":628,"type":"but","virtual_address":3190,"virtual_size":1363},{"chi2":2348,"entropy":843,"flags":"country","name":"support_product.gif","physical_offset":"defence","physical_size":2461,"type":"The","virtual_address":1534,"virtual_size":1542}],"segments":[{"chi2":2254,"entropy":3491,"flags":"levels","name":"selling_authority.xls","physical_offset":"on","physical_size":2763,"type":"feedback","virtual_address":3625,"virtual_size":2225},{"chi2":2344,"entropy":316,"flags":"transition","name":"we.jpg","physical_offset":"support","physical_size":3226,"type":"BCIP","virtual_address":2432,"virtual_size":284},{"chi2":3997,"entropy":1844,"flags":"defence","name":"learn.xls","physical_offset":"cutting","physical_size":2334,"type":"transition","virtual_address":771,"virtual_size":2890}],"shared_libraries":["tools","technologies","more","edge"],"telfhash":"us"},"hash":{"md5":"52372580948adff967d71c5374bc68dd","sha1":"97ffe814a800bb0d447413e46509f2987accf72c","sha256":"070078742275f3ce2506b4c7843250ae35f0cf72a76234a56aff6c98b94daa0c","sha384":"71e55817e69f2ef35927ea8cea0292209e11065f4ecf8d08097cf96437726ee56f975ac9f940a0c800bbc0b8b7baf716","sha512":"269e15d1fcb433635bf6531f616778f096ded54b99f2c9f0a87e41699e9568ca6f231f9869c07cd0fb2e687069d4aa602cd312f3e36a6d6a91acb405dc762764","ssdeep":"18536:3aDebhcskPgldjPpEDFQ:YJPglGmsy6DwZ4HbHVtjGOPCHmnfxxIU7Z9qD","tlsh":"technologies"},"pe":{"architecture":"visit","company":"also","description":"constantly","file_version":"promote.ppt","imphash":"Cyber","original_file_name":"security_market_product.doc","pehash":"art","product":"helps"}},"group":{"domain":"engaging.com","id":"us","name":"the_transition.ppt"},"host":{"id":"One","ip":["139.10.37.50","141.63.197.62"],"mac":["A23657E9403C","F140F691654C","107D840C1215"],"name":"role_complex.lnk","domain":"government.com","type":"provide"},"http":{"request":{"body":{"bytes":812,"content":"tools"},"bytes":1881,"id":"constantly","method":"an","mime_type":"academia","referrer":"selling"},"response":{"body":{"bytes":634,"content":"Canada"},"bytes":519,"mime_type":"country","status_code":2548},"version":"6.0.2"},"organization":{"id":"15","name":"FJA"},"process":{"args":["marketplace","commercial"],"args_count":3330,"command_line":"To","end":"2023-02-10T17:49:24.087499Z","entity_id":"62mQrJp8fBCAj4I1ZkInQ6","env_vars":{"key_a":"open","key_b":"them","key_c":"evaluate","key_d":"One","key_e":"constantly"},"executable":"them","exit_code":4048,"interactive":true,"name":"industry_cyber_helps.jpg","parent":[{"args":["laboratory","Program","Innovation"],"args_count":416,"command_line":"this","end":"2023-02-23T03:59:30.087575Z","entity_id":"14e1On2QDS4pjG6KV7eRMT","env_vars":{"key_a":"programs"},"executable":"supports","exit_code":568,"interactive":true,"name":"technology.jpg","pid":1403,"same_as_process":false,"start":"2023-02-09T09:40:22.087620Z","user":{"id":"problems","name":"assist_an.exe"}},{"args":["partners"],"args_count":222,"command_line":"promote","end":"2023-02-06T22:38:35.087645Z","entity_id":"4sBCS9MK5yNN8ghnHIkh3a","env_vars":{"key_a":"about","key_b":"Program","key_c":"Government"},"executable":"BCIP","exit_code":2936,"interactive":false,"name":"cyber.doc","pid":454,"same_as_process":false,"start":"2023-02-18T15:49:12.087692Z","user":{"id":"goods","name":"innovation.pdf"}},{"args":["technical","development","key"],"args_count":3118,"command_line":"country","end":"2023-02-03T22:19:46.087719Z","entity_id":"SqzBKLvRYCxzRc2nlGp0n","env_vars":{"key_a":"by"},"executable":"To","exit_code":4096,"interactive":true,"name":"environment.ppt","pid":1981,"same_as_process":false,"start":"2023-03-04T19:15:07.087760Z","user":{"id":"edge","name":"for_partners_to.pdf"}}],"pid":342,"same_as_process":false,"start":"2023-02-19T05:43:56.087778Z","title":"security","uptime":3008,"user":{"id":"all","name":"also_technical_goods.doc"},"working_directory":"enhanced/academia/learn/innovation/edge/art"},"registry":{"data":{"bytes":"innovation","strings":["Cyber","new"],"type":"edge"},"hive":"product","key":"stays","path":"invite","value":"determine"},"related":{"hash":["complex","problems","us","development"],"hosts":["tools.com","experts.com","emerging.ca","assist.biz"],"ip":["28.192.187.223","238.227.145.85","75.68.118.159","58.179.52.73"],"user":["user","user","admin"],"id":"examine","uri":["ftp://canada.biz/One/testing/defence/Canada/transition/performs","https://performs.ca/problems/complex/engaging","https://technologies.edu/performs/art"],"signature":["provide","problems","problems","testing"]},"server":{"ip":"217.35.81.77","address":"Innovation","domain":"them.ca"},"source":{"address":"helps","bytes":3988,"domain":"examine.edu","geo":{"city_name":"technical_product.doc","continent_code":"from","continent_name":"from_also_helps.xls","country_iso_code":"our","country_name":"supports.xls","location":{"lon":2288.99,"lat":4010},"name":"collaborating.ppt","postal_code":"Innovation","region_iso_code":"visit","region_name":"open_more_security.jpg","timezone":"learn"},"ip":"217.9.63.4","mac":"43:06:47:b9:e4:26","nat":{"ip":"102.40.141.140","port":1868},"packets":1122,"port":1738},"threat":{"feed":{"dashboard_id":"6vQzFvsa4c8aAyIPXnxyRC","description":"Cyber","name":"partnerships_innovative_art.xls","reference":"an"},"framework":"MITRE ATT&CK","group":{"alias":["this","emerging"],"id":"support","name":"collaborating.exe","reference":"visit"},"indicator":{"confidence":"selling","description":"Equality Rights.","email":{"address":"across"},"provider":"laboratory","reference":"enhanced","scanner_stats":2355,"sightings":2140,"ip":"244.74.21.100","type":"our","first_seen":"2023-02-24T14:29:34.088106Z","last_seen":"2023-02-05T19:55:06.088110Z"},"software":{"alias":["feedback"],"id":"The","name":"them_bringing.doc","platform":["sizes"],"reference":"performs","type":"problems"},"tactic":{"id":"TA0006","name":"Credential Access","reference":"our"},"technique":{"id":"T1600.002","name":"Disable Crypto Hardware","reference":"We"}},"tls":{"version":"6.5.0","version_protocol":"6.4.4","client":{"server_name":"learn_our.lnk","ja3":"potential"},"server":{"ja3s":"defence"}},"url":{"domain":"government.ca","extension":"product","fragment":"support","full":"product","original":"edge","password":"certain","path":"services","port":3800,"query":"technology","registered_domain":"testing.biz","scheme":"improve","subdomain":"sizes.biz","top_level_domain":"marketplace.edu","username":"user"},"user":{"domain":"survey.com","email":"canadian@country.biz","full_name":"goods_technology_but.jpg","group":{"domain":"about.biz","id":"performs","name":"problems.ppt"},"hash":"is","id":"promote","name":"more","roles":["transition","all","Innovation","To"]},"user_agent":{"device":{"name":"support_assist_helps.gif"},"name":"companies_from_technologies.doc","original":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.46","os":{"family":"visit","full":"supports","kernel":"examine","name":"of_more_country.pdf","platform":"about","type":"learn","version":"7.5.5"},"version":"5.3.2"},"vulnerability":{"category":["Program","testing"],"classification":"authority","description":"companies","enumeration":"participating","id":"laboratory","reference":"state","report_id":"XgFkseejy77r6FOznH10K"}},"4i2ZqNioQVjLVAbGaIcAYf":{"timestamp":"2023-02-05T14:43:18.451611Z","labels":{"key_a":"engaging","key_b":"goods","key_c":"promote","key_d":"country","key_e":"tools"},"tags":["work","selling","from"],"howler":{"id":"4i2ZqNioQVjLVAbGaIcAYf","analytic":"AssemblyLine","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Privilege Escalation","hash":"bab7dea675493ba67de050fdf0a4b1fca5c11dc52f7413eed0487f4a9f3e89cc","related":["this","industry","but","key"],"reliability":2868.99,"severity":3009.62,"volume":3896.9,"confidence":835.25,"score":209.32,"status":"open","scrutiny":"scanned","escalation":"hit","assessment":null,"comment":[{"id":"l7FnQqKroEuUQEFGo7QgX","timestamp":"2023-02-14T17:15:46.451809Z","modified":"2023-02-14T16:22:53.451816Z","value":"Annual sitting of legislative bodies.","user":"shawnh"},{"id":"2uNPKWSlNy8rX0RAknnrS","timestamp":"2023-02-18T07:13:32.451846Z","modified":"2023-02-08T00:34:30.451849Z","value":"Citizens of Canada.","user":"shawnh"},{"id":"66ZBmIiJ3Aq44qeo1mGrxR","timestamp":"2023-03-03T09:53:31.451875Z","modified":"2023-02-28T02:34:07.451879Z","value":"Enforcement of guaranteed rights and freedoms.","user":"shawnh"},{"modified":"2023-03-10T14:55:04.884708Z","id":"3OYNDdNt6BC7juD58dZZRE","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:04.884668Z"},{"modified":"2023-03-10T14:55:44.265153Z","id":"6aB0FDZVrXnaS5jlaN4opJ","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:44.265101Z"},{"modified":"2023-03-10T15:11:49.780156Z","id":"7jEHcpB1EJwMnF0h0pN4dv","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:49.780108Z"},{"modified":"2023-03-10T15:12:35.716151Z","id":"4ZXY71LIxy9OIaCYPZ4oVI","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:35.716094Z"},{"modified":"2023-03-10T15:13:06.197917Z","id":"66RbnPEacKx0CYTFPQMyux","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:06.197874Z"},{"modified":"2023-03-10T15:13:29.819507Z","id":"6zSsmUyK9IOLwQZ8GWGDnV","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:29.819445Z"},{"modified":"2023-03-10T15:14:25.186184Z","id":"404CftkamhwjaCF0zWz4nA","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:25.186140Z"},{"modified":"2023-03-10T15:14:51.828015Z","id":"7ASuVW7HtS53XMhZZUgZ0v","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:51.827977Z"},{"modified":"2023-03-10T15:19:12.840731Z","id":"6xOsF8KGROpfSCDRPhnTXu","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:12.840673Z"},{"modified":"2023-03-10T15:20:05.670402Z","id":"EtA93FU47oX9d5e4ZZwAi","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:05.670333Z"},{"modified":"2023-03-10T15:21:43.792662Z","id":"4wcnx0zSfQJ7LBTREkqfeF","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:43.792608Z"},{"modified":"2023-03-10T15:26:32.603896Z","id":"7TAQPOgmRFISwEC7S9yrtT","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:32.603858Z"},{"modified":"2023-03-10T15:31:04.238805Z","id":"2qXFW6Y1u5MSqvc36NuFZf","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:04.238738Z"},{"modified":"2023-03-10T15:34:18.799413Z","id":"3AgOYvqnX8nSayRpjzb6ky","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:18.799358Z"},{"modified":"2023-03-10T15:40:29.610200Z","id":"8fgjmZMhWkC1obBuclk4H","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:29.610162Z"}],"log":[{"timestamp":"2023-02-25T22:11:37.451889Z","key":"feedback","explanation":"Proceedings in New Brunswick courts.","new_value":"provide","type":"appended","previous_value":"to","user":"user"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3OYNDdNt6BC7juD58dZZRE\\", \\"timestamp\\": \\"2023-03-10T14:55:04.884668Z\\", \\"modified\\": \\"2023-03-10T14:55:04.884708Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:04.965443Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6aB0FDZVrXnaS5jlaN4opJ\\", \\"timestamp\\": \\"2023-03-10T14:55:44.265101Z\\", \\"modified\\": \\"2023-03-10T14:55:44.265153Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:44.371978Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7jEHcpB1EJwMnF0h0pN4dv\\", \\"timestamp\\": \\"2023-03-10T15:11:49.780108Z\\", \\"modified\\": \\"2023-03-10T15:11:49.780156Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:49.855903Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4ZXY71LIxy9OIaCYPZ4oVI\\", \\"timestamp\\": \\"2023-03-10T15:12:35.716094Z\\", \\"modified\\": \\"2023-03-10T15:12:35.716151Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:35.800935Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"66RbnPEacKx0CYTFPQMyux\\", \\"timestamp\\": \\"2023-03-10T15:13:06.197874Z\\", \\"modified\\": \\"2023-03-10T15:13:06.197917Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:06.283478Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6zSsmUyK9IOLwQZ8GWGDnV\\", \\"timestamp\\": \\"2023-03-10T15:13:29.819445Z\\", \\"modified\\": \\"2023-03-10T15:13:29.819507Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:29.940583Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"404CftkamhwjaCF0zWz4nA\\", \\"timestamp\\": \\"2023-03-10T15:14:25.186140Z\\", \\"modified\\": \\"2023-03-10T15:14:25.186184Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:25.255815Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7ASuVW7HtS53XMhZZUgZ0v\\", \\"timestamp\\": \\"2023-03-10T15:14:51.827977Z\\", \\"modified\\": \\"2023-03-10T15:14:51.828015Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:51.903403Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6xOsF8KGROpfSCDRPhnTXu\\", \\"timestamp\\": \\"2023-03-10T15:19:12.840673Z\\", \\"modified\\": \\"2023-03-10T15:19:12.840731Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:12.938609Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"EtA93FU47oX9d5e4ZZwAi\\", \\"timestamp\\": \\"2023-03-10T15:20:05.670333Z\\", \\"modified\\": \\"2023-03-10T15:20:05.670402Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:05.759270Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4wcnx0zSfQJ7LBTREkqfeF\\", \\"timestamp\\": \\"2023-03-10T15:21:43.792608Z\\", \\"modified\\": \\"2023-03-10T15:21:43.792662Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:43.885011Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7TAQPOgmRFISwEC7S9yrtT\\", \\"timestamp\\": \\"2023-03-10T15:26:32.603858Z\\", \\"modified\\": \\"2023-03-10T15:26:32.603896Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:32.673849Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2qXFW6Y1u5MSqvc36NuFZf\\", \\"timestamp\\": \\"2023-03-10T15:31:04.238738Z\\", \\"modified\\": \\"2023-03-10T15:31:04.238805Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:04.312490Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3AgOYvqnX8nSayRpjzb6ky\\", \\"timestamp\\": \\"2023-03-10T15:34:18.799358Z\\", \\"modified\\": \\"2023-03-10T15:34:18.799413Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:18.878710Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"8fgjmZMhWkC1obBuclk4H\\", \\"timestamp\\": \\"2023-03-10T15:40:29.610162Z\\", \\"modified\\": \\"2023-03-10T15:40:29.610200Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:29.685880Z"}],"retained":"improve","monitored":"marketplace","reported":"levels","mitigated":"is","outline":{"threat":"184.251.150.33","target":"learn.ca","indicators":["order_build.doc","stays_do_an.ppt","academia_us.gif","all_order.pdf","determine_companies.pdf","cutting_development_problems.jpg","about.pdf","them_marketplace_for.ppt","learn_market.jpg","government.ppt","new.lnk","industry_constantly_commercial.doc","across.xls","defence_performs.ppt","but_to.doc","enhanced.gif","enhanced_partnerships.ppt"],"summary":"The Canadian Charter of Rights and Freedoms guarantees the rights and freedoms set out in it subject only to such reasonable limits prescribed by law as can be demonstrably justified in a free and democratic society."},"labels":{"assignments":["APA1B","ADS2A","APA2B"],"generic":["Super Teams","Danger","Outlook"]},"votes":{"benign":["is","potential","market","testing"],"obscure":["Government","potential","across"],"malicious":["learn"]},"dossier":{"key_a":"with","key_b":"[\\"technology\\", \\"authority\\"]"}},"assemblyline":{"antivirus":[{"type":"website","subtype":"technologies","value":"open","verdict":"info"},{"type":"testing","subtype":"across","value":"problems","verdict":"malicious"},{"type":"bringing","subtype":"certain","value":"levels","verdict":"info"},{"type":"key","subtype":"To","value":"the","verdict":"safe"}],"attribution":[{"type":"on","subtype":"with","value":"potential","verdict":"safe"}],"behaviour":[{"type":"in","subtype":"academia","value":"Government","verdict":"info"},{"type":"our","subtype":"cyber","value":"technology","verdict":"suspicious"},{"type":"new","subtype":"transition","value":"provide","verdict":"info"},{"type":"country","subtype":"environment","value":"also","verdict":"malicious"}],"domain":[{"type":"industry","subtype":"helps","value":"country","verdict":"security"},{"type":"environment","subtype":"order","value":"innovation","verdict":"technology"}],"heuristic":[{"type":"invite","subtype":"improve","value":"partners","verdict":"malicious"},{"type":"role","subtype":"new","value":"visit","verdict":"info"},{"type":"art","subtype":"environment","value":"about","verdict":"info"}],"mitre":{"tactic":[{"type":"vendors","subtype":"BCIP","value":"Centre","verdict":"malicious"},{"type":"tools","subtype":"defence","value":"order","verdict":"suspicious"},{"type":"survey","subtype":"stays","value":"cutting","verdict":"malicious"}],"technique":[{"type":"work","subtype":"about","value":"open","verdict":"info"},{"type":"goods","subtype":"engaging","value":"cyber","verdict":"malicious"},{"type":"vendors","subtype":"in","value":"environment","verdict":"suspicious"},{"type":"but","subtype":"services","value":"development","verdict":"safe"}]},"uri":[{"type":"We","subtype":"cyber","value":"participating","verdict":"bringing"},{"type":"levels","subtype":"potential","value":"of","verdict":"across"},{"type":"work","subtype":"engaging","value":"assist","verdict":"but"},{"type":"other","subtype":"examine","value":"feedback","verdict":"website"}],"yara":[{"type":"state","subtype":"complex","value":"performs","verdict":"malicious"},{"type":"partnerships","subtype":"visit","value":"also","verdict":"info"},{"type":"website","subtype":"product","value":"evaluate","verdict":"safe"},{"type":"across","subtype":"transition","value":"authority","verdict":"info"}]},"agent":{"id":"invite","name":"vendors_emerging.gif","type":"new","version":"7.5.8"},"cbs":{"sharepoint":{"created":{"application":"provide","user":"user"},"modified":{"application":"this","user":"admin"}}},"cloud":{"account":{"id":"1RbLu2BdcKcp7yMx90NuNU","name":"problems_role.jpg"},"availability_zone":"us","instance":{"id":"One","name":"one_assist_private.jpg"},"machine":{"type":"more"},"project":{"id":"new","name":"commercial_are.jpg"},"provider":"private","region":"promote","service":{"name":"Microsoft Teams"},"tenant_id":"UqVYkWF5u4PghqxpStq3p"},"container":{"id":"government","image":{"hash":{"all":["partners","problems"]},"name":"edge_is_participating.jpg","tag":["stays","Cyber","tools","problems"]},"labels":{"key_a":"open","key_b":"innovation","key_c":"are","key_d":"by","key_e":"examine"},"name":"academia_evaluate_laboratory.pdf","runtime":"website"},"destination":{"address":"Cyber","bytes":3424,"domain":"bcip.com","geo":{"city_name":"edge.jpg","continent_code":"sizes","continent_name":"do_with_canadian.doc","country_iso_code":"in","country_name":"art_bringing.doc","location":{"lon":2190.17,"lat":2803.7},"name":"order.gif","postal_code":"role","region_iso_code":"edge","region_name":"tools_innovations.xls","timezone":"Program"},"ip":"55.172.140.240","mac":"18:1b:c0:f2:3f:26","nat":{"ip":"127.88.245.229","port":3443},"packets":438,"port":578},"dns":{"answers":[{"class":"learn","data":"our","name":"technologies_government.xls","ttl":1254,"type":"Build"},{"class":"testing","data":"examine","name":"art_more_are.xls","ttl":1699,"type":"assist"},{"class":"across","data":"art","name":"invite_visit.xls","ttl":3439,"type":"cutting"},{"class":"Canada","data":"bringing","name":"selling_examine_development.doc","ttl":2077,"type":"invite"}],"header_flags":["all","on"],"id":"an","op_code":"website","question":{"class":"security","name":"development_environment.ppt","registered_domain":"improve.com","subdomain":"from.ca","top_level_domain":"innovations.ca","type":"open"},"resolved_ip":["89.110.234.57","237.100.229.184","23.204.161.33"],"response_code":"product","type":"participating"},"ecs":{"version":"4.5.8"},"error":{"code":"innovative","message":"tools"},"event":{"action":"examine","category":["registry","database","intrusion_detection","driver"],"code":"on","created":"2023-03-03T16:14:13.452739Z","dataset":"them","duration":1095,"end":"2023-02-04T23:04:12.452751Z","hash":"is","id":"4i2ZqNioQVjLVAbGaIcAYf","ingested":"2023-02-26T19:37:33.452759Z","kind":"enrichment","module":"performs","original":"improve","outcome":"failure","provider":"NBS","reason":"survey","reference":"with","risk_score":1085.5,"risk_score_norm":612.71,"sequence":2783,"severity":1168,"start":"2023-02-16T23:50:48.452790Z","timezone":"Centre","type":["indicator","admin","error"],"url":"all"},"email":{"attachments":[{"file":{"extension":"collaborating","hash":{"md5":"d5c90bd1a8503f41f3febafc2b04865f","sha1":"e6b206c251ddbd7a11c8de76724ba66b039b1c78","sha256":"84bb3296e9d8ae35906a82cb4c13d979ecb131597194f93b61d5696dfedbcbc1","sha384":"45d122c97578be3861f44b0f57179001a3856a42f379e05e852f0b89a47da7e8ca03482f127bd1de7f2feddbcfdde690","sha512":"132477362008e62af50d6dcd6d0a37810b01d32fb9cd3f31e6a28260b57a8b72caf4e795860eabe1ef0c72f808c258e1671f1c117b19e60556d511c65878acce","ssdeep":"84585:7enG5HPMZHy2QUpKh0Rl1G0JR8R0AybRMx:bKAZ1cFE65KZVBZax3x7JFG2i","tlsh":"but"},"mime_type":"the","name":"by_this.exe","size":1629}},{"file":{"extension":"state","hash":{"md5":"b8bac8a7465cbed0a708a2eefe109247","sha1":"25af6f1979ae2219fb447d91f756c7ab522a24f2","sha256":"c08f2dc7600ba4fc9955ad9e2e68208f7775c3f59a61b86c4e172ff0d0e9a601","sha384":"120b004b4c76d803bbb408baccfce6b9b0c14c57471273f0e9a73efcd2a5b0b122f2b47b4e8a8539b924c3b4ab1e17a7","sha512":"34863628fd10fcd8cd559c27a0132d01c91f39614cc8101c07b9b0f3732c86c8668b7ee18cf68a0a80d67b0798d76b22fda774d1a618f8f61b077c7d8ba3b942","ssdeep":"25042:ZP9q5PzdrB68h6pkF8yI2B9ZeSedEsCENFI7sKt1kjKhL0wgKe0Z5ALpBPSulu:aS4BIqk5qaXki1T2XcyKSd6kbRDMIvAP7JJgo4PRr0ABC4S","tlsh":"laboratory"},"mime_type":"security","name":"us.jpg","size":377}},{"file":{"extension":"industry","hash":{"md5":"a284a10444bb7f63417363ea7269aae3","sha1":"4e5fc6443f4984b40dc67f6e44c11ed26f9b443b","sha256":"0302e3b984a5288ad968d66145f15aa0d6f910da9eab200bb69b76fa60cfe8bd","sha384":"2475e203f9d5bed309f13e9e357442825c50f5bbb09d37d72b5198af91500eeddb33ee85cddc77faac4821af04daefc3","sha512":"4e241cb1be585498c41f8c98b1da1e970a3c4df80cde0a180a866a8242a6ce1762d7d1aa24c9b1432cbee1fe04068d8205ba2e22834131f659406c10af785e52","ssdeep":"1263:59OpUrYXquJQUGLfYw8c3Smu4:g99vfSsxzbMGo1oCvuog8lLYwVzc9Y4zoHBw5hRVxub25PBfKfAgvN","tlsh":"to"},"mime_type":"Government","name":"one_centre.gif","size":3968}}],"bcc":{"address":"industry@technologies.edu"},"cc":{"address":"collaborating@one.ca"},"content_type":"invite","delivery_timestamp":"2023-03-05T05:59:53.453704Z","direction":"order","from":{"address":"working@market.ca"},"local_id":"2MSqE0C2nWZpVdc4zU2b4F","message_id":"PpqpcUaFIhDAZSD97Tf8W","origination_timestamp":"2023-03-04T19:19:11.453817Z","reply_to":{"address":"our@companies.com"},"sender":{"address":"bringing@their.biz"},"subject":"feedback","to":{"address":"open@innovation.edu"},"x_mailer":"Build","parent":{"bcc":{"address":"performs@commercial.edu"},"cc":{"address":"constantly@is.ca"},"from":{"address":"we@assist.biz"},"message_id":"5BHDAFnZF7STKOzGATlhS8","origination_timestamp":"2023-03-03T10:48:36.453908Z","subject":"working","to":{"address":"partners@complex.ca"},"source":"72.152.162.125","destination":"8.100.173.113"}},"faas":{"coldstart":false,"execution":"but","id":"cyber","name":"complex.ppt","trigger":{"request_id":"3juyTlMGwNuJc988LiKETh","type":"timer"},"version":"5.2.3"},"file":{"accessed":"2023-02-16T21:05:10.454049Z","attributes":["key"],"created":"2023-02-18T20:22:15.454067Z","ctime":"2023-02-10T09:03:11.454074Z","device":"cyber","directory":"visit/also/vendors/partnerships/to/selling","drive_letter":"about","extension":"but","fork_name":"canada_technology_companies.jpg","gid":"survey","group":"ADMINS","inode":"key.com","mime_type":"collaborating","mode":"key","mtime":"2023-02-05T13:19:32.454141Z","name":"key_helps.doc","owner":"sizes","path":"product","size":2474,"target_path":"Build","type":"symlink","uid":"all","code_signature":{"digest_algorithm":"sha1","exists":true,"signing_id":"7COySN2bevDVe9NQV3GKXW","status":"engaging","subject_name":"evaluate_bcip_centre.lnk","team_id":"64pneRX6XNjHmEtHUhuzPS","timestamp":"2023-02-19T06:11:37.454271Z","trusted":false,"valid":true},"elf":{"architecture":"our","byte_order":"transition","cpu_type":"across","creation_date":"laboratory","exports":["performs"],"header":{"abi_version":"4.4.5","class":"but","data":"marketplace","entrypoint":3272,"object_version":"6.3.4","os_abi":"visit","type":"other","version":"7.4.2"},"imports":["goods","environment","academia","experts"],"sections":[{"chi2":607,"entropy":1542,"flags":"laboratory","name":"order.gif","physical_offset":"government","physical_size":987,"type":"emerging","virtual_address":1698,"virtual_size":1409},{"chi2":2244,"entropy":3876,"flags":"performs","name":"support.lnk","physical_offset":"in","physical_size":147,"type":"art","virtual_address":2259,"virtual_size":1470}],"segments":[{"chi2":3414,"entropy":3940,"flags":"companies","name":"constantly.jpg","physical_offset":"improve","physical_size":2484,"type":"all","virtual_address":2291,"virtual_size":1698}],"shared_libraries":["cyber","support","on","open"],"telfhash":"selling"},"hash":{"md5":"1e47983cff603d7b2e63289b6e8ce53f","sha1":"9c8b1eff5180b48762054c60d27b224609baf501","sha256":"014e5f65de9128fa829b66b16f92eb7cbb8f87d4893a2030cb055941bc58009f","sha384":"0775cfc768e81f2fbe556b6968858f31214336dc7c2f958d5be157706cb6ddcfff9890885a609cfa2ca869c8992e96ac","sha512":"635ccd8885bbac94b615ae6259b02cb6bef78601ad43c8c9698e70d873b8248a05903fa88658b4655c3a92a2ba11e7031d981ef78fea0eb3fd3ab0b805277bea","ssdeep":"60085:xzxDzzEYagqO16hOBC13Uv4oFKHlrQ6PHY:QOmfbESZchTsHCakEHDT","tlsh":"marketplace"},"pe":{"architecture":"certain","company":"One","description":"One","file_version":"bcip_cyber_assist.lnk","imphash":"visit","original_file_name":"bringing_other.gif","pehash":"is","product":"this"}},"group":{"domain":"key.ca","id":"experts","name":"experts_feedback_innovations.jpg"},"host":{"id":"an","ip":["119.252.182.50"],"mac":["9081CF987F68","3EC6F09176ED"],"name":"us.pdf","domain":"by.com","type":"Centre"},"http":{"request":{"body":{"bytes":407,"content":"website"},"bytes":416,"id":"improve","method":"BCIP","mime_type":"private","referrer":"innovations"},"response":{"body":{"bytes":1111,"content":"support"},"bytes":3016,"mime_type":"us","status_code":3806},"version":"6.5.6"},"organization":{"id":"60","name":"HSMBC"},"process":{"args":["One","work","defence","government"],"args_count":1590,"command_line":"potential","end":"2023-03-04T05:33:28.455002Z","entity_id":"2rAKc8vkXhYboPgVvYrXCs","env_vars":{"key_a":"invite"},"executable":"innovations","exit_code":928,"interactive":true,"name":"tools.exe","parent":[{"args":["the","Centre","collaborating"],"args_count":1251,"command_line":"bringing","end":"2023-03-05T20:03:25.455092Z","entity_id":"V2iQpLs89S73inneG0EII","env_vars":{"key_a":"do","key_b":"technology","key_c":"collaborating","key_d":"The"},"executable":"Government","exit_code":3085,"interactive":true,"name":"edge.doc","pid":3202,"same_as_process":true,"start":"2023-03-05T00:49:28.455167Z","user":{"id":"defence","name":"innovation.gif"}},{"args":["examine","cyber","market"],"args_count":2066,"command_line":"experts","end":"2023-03-10T04:32:54.455209Z","entity_id":"6RulpOn9srQSRSpTUicFpp","env_vars":{"key_a":"also","key_b":"supports"},"executable":"across","exit_code":793,"interactive":true,"name":"all_commercial.pdf","pid":2658,"same_as_process":true,"start":"2023-03-02T21:37:36.455274Z","user":{"id":"defence","name":"determine_support.ppt"}},{"args":["goods","technical","For","To"],"args_count":1087,"command_line":"them","end":"2023-02-12T20:30:54.455317Z","entity_id":"9rCcJdeY9zgOFVsHGr4sA","env_vars":{"key_a":"Build","key_b":"technologies","key_c":"Canadian","key_d":"government","key_e":"but"},"executable":"partners","exit_code":3001,"interactive":true,"name":"for_emerging_laboratory.doc","pid":3778,"same_as_process":true,"start":"2023-03-03T09:49:19.455391Z","user":{"id":"an","name":"stays_improve.xls"}}],"pid":1687,"same_as_process":true,"start":"2023-02-12T13:36:18.455416Z","title":"examine","uptime":2693,"user":{"id":"One","name":"work.jpg"},"working_directory":"tools/other"},"registry":{"data":{"bytes":"new","strings":["promote","country","more","development"],"type":"art"},"hive":"programs","key":"sizes","path":"levels","value":"website"},"related":{"hash":["us","their","industry"],"hosts":["constantly.ca","website.biz","laboratory.biz","academia.ca"],"ip":["141.126.75.140","144.63.181.127"],"user":["admin","admin","user","admin"],"id":"potential","uri":["https://the.com/bringing/all/evaluate/examine","http://collaborating.com/The/new/authority/complex/authority"],"signature":["The","academia","Innovation","emerging"]},"server":{"ip":"157.54.171.182","address":"helps","domain":"innovation.com"},"source":{"address":"technology","bytes":1521,"domain":"industry.edu","geo":{"city_name":"partners_all.doc","continent_code":"about","continent_name":"our_defence_laboratory.exe","country_iso_code":"across","country_name":"the_technologies_performs.gif","location":{"lon":1496.36,"lat":3685.65},"name":"technical.xls","postal_code":"authority","region_iso_code":"their","region_name":"across.gif","timezone":"collaborating"},"ip":"137.162.144.9","mac":"5e:16:20:9e:4b:db","nat":{"ip":"142.30.50.179","port":3935},"packets":2244,"port":1704},"threat":{"feed":{"dashboard_id":"7aAyKAKnxmYDxucHsBXmYW","description":"technology","name":"problems.jpg","reference":"sizes"},"framework":"MITRE ATT&CK","group":{"alias":["We"],"id":"For","name":"with.xls","reference":"performs"},"indicator":{"confidence":"them","description":"To be informed without unreasonable delay of the specific offence.","email":{"address":"goods"},"provider":"other","reference":"are","scanner_stats":2745,"sightings":701,"ip":"41.243.86.239","type":"services","first_seen":"2023-02-26T12:40:49.455916Z","last_seen":"2023-03-04T18:21:09.455926Z"},"software":{"alias":["visit","certain"],"id":"vendors","name":"complex_evaluate_all.gif","platform":["performs","innovation"],"reference":"BCIP","type":"potential"},"tactic":{"id":"TA0004","name":"Privilege Escalation","reference":"all"},"technique":{"id":"T1546.003","name":"Windows Management Instrumentation Event Subscription","reference":"authority"}},"tls":{"version":"8.4.9","version_protocol":"8.2.8","client":{"server_name":"more_we_development.exe","ja3":"sizes"},"server":{"ja3s":"tools"}},"url":{"domain":"marketplace.edu","extension":"engaging","fragment":"environment","full":"Innovation","original":"academia","password":"provide","path":"performs","port":3595,"query":"to","registered_domain":"vendors.com","scheme":"Build","subdomain":"centre.com","top_level_domain":"on.edu","username":"admin"},"user":{"domain":"selling.biz","email":"examine@centre.edu","full_name":"government.gif","group":{"domain":"to.biz","id":"levels","name":"key_with.exe"},"hash":"about","id":"partnerships","name":"environment","roles":["industry","government","levels"]},"user_agent":{"device":{"name":"one_work.ppt"},"name":"build.exe","original":"Mozilla/5.0 (iPhone9,4; U; CPU iPhone OS 10_0_1 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) Version/10.0 Mobile/14A403 Safari/602.1","os":{"family":"provide","full":"their","kernel":"certain","name":"programs.gif","platform":"cutting","type":"are","version":"5.0.9"},"version":"6.3.6"},"vulnerability":{"category":["in","supports"],"classification":"academia","description":"them","enumeration":"levels","id":"bringing","reference":"market","report_id":"7Rv6Fh3BHB735S2j1yvMvC"}},"7RvYOONubLrwavDDt8y8MG":{"timestamp":"2023-02-15T02:41:05.721115Z","labels":{"key_a":"their","key_b":"all","key_c":"their","key_d":"security"},"tags":["certain","environment"],"howler":{"id":"7RvYOONubLrwavDDt8y8MG","analytic":"AssemblyLine","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Defense Evasion","hash":"133d1c19081319983b5ce3710249f54891dbbdc742e4b32a5911e71fff6f5962","related":["We"],"reliability":4083.56,"severity":2692.07,"volume":2530.47,"confidence":427.45,"score":3399.4,"status":"open","scrutiny":"scanned","escalation":"hit","assessment":null,"comment":[{"id":"23SJC8KZSkaa4136Yr8Ubo","timestamp":"2023-02-14T21:22:31.721321Z","modified":"2023-02-26T16:40:04.721328Z","value":"Nothing in this Charter limits the authority of Parliament or a legislature to advance the equality of status or use of English and French.","user":"shawnh"},{"id":"h6MXQm0bV6qH7c0LsrBl9","timestamp":"2023-02-10T01:36:45.721359Z","modified":"2023-02-08T02:42:35.721363Z","value":"Nothing in sections 16 to 20 abrogates or derogates from any right, privilege or obligation with respect to the English and French languages, or either of them, that exists or is continued by virtue of any other provision of the Constitution of Canada.","user":"user"},{"modified":"2023-03-10T14:55:05.216701Z","id":"34VxPO4E4745KHx1vku1t9","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:05.216664Z"},{"modified":"2023-03-10T14:55:44.612524Z","id":"248qwZAAi7Obs6yJ6ntLAD","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:44.612482Z"},{"modified":"2023-03-10T15:11:50.106762Z","id":"1PxUm04Tf6VdxOFec4Eq3Y","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:50.106708Z"},{"modified":"2023-03-10T15:12:36.063837Z","id":"5BMLgMye8e9Ua8HtQquj9j","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:36.063795Z"},{"modified":"2023-03-10T15:13:06.506366Z","id":"5qJAzuHcD47yqoyRPQUL8s","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:06.506327Z"},{"modified":"2023-03-10T15:13:30.195407Z","id":"217bZxEMzSgISNfnPE3dSa","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:30.195364Z"},{"modified":"2023-03-10T15:14:25.464492Z","id":"4iIrV0G9BVExbPOUiOla9s","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:25.464459Z"},{"modified":"2023-03-10T15:14:52.126897Z","id":"mptR10M7zRZniLb7jGaC4","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:52.126851Z"},{"modified":"2023-03-10T15:19:13.210379Z","id":"6DcWdGEQBV6o3TonAaQ9Qn","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:13.210297Z"},{"modified":"2023-03-10T15:20:06.046398Z","id":"4sYwgQsk8AP8sRwnPnWF4B","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:06.046341Z"},{"modified":"2023-03-10T15:21:44.148037Z","id":"1PLDjOO8qn9gHjGVW0mJPO","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:44.147999Z"},{"modified":"2023-03-10T15:26:32.905800Z","id":"44fLjkBBSOasMhz0nrk5kZ","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:32.905564Z"},{"modified":"2023-03-10T15:31:04.557770Z","id":"16HsOvNztv2T2mzAtFT4Vh","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:04.557719Z"},{"modified":"2023-03-10T15:34:19.123304Z","id":"7mJjBu2a38HFKff46hqMVL","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:19.123249Z"},{"modified":"2023-03-10T15:40:29.917863Z","id":"5nsbnYo7IDq7GnsoUqmmd0","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:29.917828Z"}],"log":[{"timestamp":"2023-02-25T07:41:22.721374Z","key":"do","explanation":"Official Languages of Canada.","new_value":"key","type":"removed","previous_value":"academia","user":"admin"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"34VxPO4E4745KHx1vku1t9\\", \\"timestamp\\": \\"2023-03-10T14:55:05.216664Z\\", \\"modified\\": \\"2023-03-10T14:55:05.216701Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:05.300393Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"248qwZAAi7Obs6yJ6ntLAD\\", \\"timestamp\\": \\"2023-03-10T14:55:44.612482Z\\", \\"modified\\": \\"2023-03-10T14:55:44.612524Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:44.686372Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1PxUm04Tf6VdxOFec4Eq3Y\\", \\"timestamp\\": \\"2023-03-10T15:11:50.106708Z\\", \\"modified\\": \\"2023-03-10T15:11:50.106762Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:50.185178Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5BMLgMye8e9Ua8HtQquj9j\\", \\"timestamp\\": \\"2023-03-10T15:12:36.063795Z\\", \\"modified\\": \\"2023-03-10T15:12:36.063837Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:36.143213Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5qJAzuHcD47yqoyRPQUL8s\\", \\"timestamp\\": \\"2023-03-10T15:13:06.506327Z\\", \\"modified\\": \\"2023-03-10T15:13:06.506366Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:06.576422Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"217bZxEMzSgISNfnPE3dSa\\", \\"timestamp\\": \\"2023-03-10T15:13:30.195364Z\\", \\"modified\\": \\"2023-03-10T15:13:30.195407Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:30.275579Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4iIrV0G9BVExbPOUiOla9s\\", \\"timestamp\\": \\"2023-03-10T15:14:25.464459Z\\", \\"modified\\": \\"2023-03-10T15:14:25.464492Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:25.532444Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"mptR10M7zRZniLb7jGaC4\\", \\"timestamp\\": \\"2023-03-10T15:14:52.126851Z\\", \\"modified\\": \\"2023-03-10T15:14:52.126897Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:52.214697Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6DcWdGEQBV6o3TonAaQ9Qn\\", \\"timestamp\\": \\"2023-03-10T15:19:13.210297Z\\", \\"modified\\": \\"2023-03-10T15:19:13.210379Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:13.303353Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4sYwgQsk8AP8sRwnPnWF4B\\", \\"timestamp\\": \\"2023-03-10T15:20:06.046341Z\\", \\"modified\\": \\"2023-03-10T15:20:06.046398Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:06.152179Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1PLDjOO8qn9gHjGVW0mJPO\\", \\"timestamp\\": \\"2023-03-10T15:21:44.147999Z\\", \\"modified\\": \\"2023-03-10T15:21:44.148037Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:44.234440Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"44fLjkBBSOasMhz0nrk5kZ\\", \\"timestamp\\": \\"2023-03-10T15:26:32.905564Z\\", \\"modified\\": \\"2023-03-10T15:26:32.905800Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:33.014521Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"16HsOvNztv2T2mzAtFT4Vh\\", \\"timestamp\\": \\"2023-03-10T15:31:04.557719Z\\", \\"modified\\": \\"2023-03-10T15:31:04.557770Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:04.671714Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7mJjBu2a38HFKff46hqMVL\\", \\"timestamp\\": \\"2023-03-10T15:34:19.123249Z\\", \\"modified\\": \\"2023-03-10T15:34:19.123304Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:19.209617Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5nsbnYo7IDq7GnsoUqmmd0\\", \\"timestamp\\": \\"2023-03-10T15:40:29.917828Z\\", \\"modified\\": \\"2023-03-10T15:40:29.917863Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:29.993661Z"}],"retained":"Canadian","monitored":"enhanced","reported":"commercial","mitigated":"sizes","outline":{"threat":"99.79.164.223","target":"7b83ed80463d3ac3fb544d2fb5926601.gc.ca","indicators":["our_build.gif","innovation_tools.ppt","invite_market.exe","the_build.exe","an_participating_our.pdf","technologies.exe","technical_for_product.lnk","emerging_improve.jpg","selling_visit_canadian.lnk","helps.pdf","them_one.jpg","cyber.jpg"],"summary":"Nothing in sections 16 to 20 abrogates or derogates from any legal or customary right or privilege acquired or enjoyed either before or after the coming into force of this Charter with respect to any language that is not English or French."},"labels":{"assignments":["ADS4B","APA1B"],"generic":["Danger","Outlook","Documentation","Drive"]},"votes":{"benign":["survey","working","is","goods"],"obscure":["evaluate","laboratory"],"malicious":["partners","constantly"]},"dossier":{"key_a":"30"}},"assemblyline":{"antivirus":[{"type":"learn","subtype":"feedback","value":"Cyber","verdict":"safe"},{"type":"promote","subtype":"testing","value":"but","verdict":"malicious"},{"type":"government","subtype":"us","value":"all","verdict":"malicious"}],"attribution":[{"type":"certain","subtype":"product","value":"determine","verdict":"info"},{"type":"tools","subtype":"role","value":"this","verdict":"safe"},{"type":"working","subtype":"sizes","value":"constantly","verdict":"info"}],"behaviour":[{"type":"survey","subtype":"sizes","value":"programs","verdict":"info"}],"domain":[{"type":"role","subtype":"provide","value":"helps","verdict":"industry"},{"type":"more","subtype":"country","value":"assist","verdict":"us"},{"type":"certain","subtype":"art","value":"Cyber","verdict":"collaborating"},{"type":"Build","subtype":"in","value":"services","verdict":"companies"}],"heuristic":[{"type":"examine","subtype":"from","value":"feedback","verdict":"malicious"}],"mitre":{"tactic":[{"type":"laboratory","subtype":"programs","value":"testing","verdict":"malicious"},{"type":"companies","subtype":"order","value":"Build","verdict":"malicious"},{"type":"services","subtype":"companies","value":"technical","verdict":"malicious"}],"technique":[{"type":"support","subtype":"are","value":"certain","verdict":"malicious"},{"type":"promote","subtype":"market","value":"do","verdict":"malicious"},{"type":"complex","subtype":"performs","value":"cutting","verdict":"safe"}]},"uri":[{"type":"problems","subtype":"tools","value":"The","verdict":"stays"}],"yara":[{"type":"country","subtype":"working","value":"enhanced","verdict":"malicious"}]},"agent":{"id":"feedback","name":"innovative_environment.xls","type":"problems","version":"8.5.7"},"cbs":{"sharepoint":{"created":{"application":"innovations","user":"user"},"modified":{"application":"new","user":"admin"}}},"cloud":{"account":{"id":"2UOpV1FUBrzVpr4skopKPY","name":"support_are_technologies.xls"},"availability_zone":"goods","instance":{"id":"key","name":"potential_government.exe"},"machine":{"type":"edge"},"project":{"id":"private","name":"survey.exe"},"provider":"role","region":"open","service":{"name":"Office365"},"tenant_id":"5vs3iNMMRo9mssDfSy63rx"},"container":{"id":"determine","image":{"hash":{"all":["examine","collaborating","cutting"]},"name":"art_innovation_open.pdf","tag":["partners","problems"]},"labels":{"key_a":"open"},"name":"program_website_evaluate.doc","runtime":"all"},"destination":{"address":"The","bytes":3637,"domain":"authority.edu","geo":{"city_name":"this_do.exe","continent_code":"Centre","continent_name":"build_in_collaborating.doc","country_iso_code":"One","country_name":"this_order_collaborating.lnk","location":{"lon":2399.97,"lat":2553.73},"name":"across.xls","postal_code":"selling","region_iso_code":"are","region_name":"visit_innovative.doc","timezone":"provide"},"ip":"200.245.17.196","mac":"7c:25:44:6d:0b:bf","nat":{"ip":"98.109.187.97","port":1414},"packets":2231,"port":1074},"dns":{"answers":[{"class":"BCIP","data":"is","name":"learn_services.pdf","ttl":509,"type":"edge"},{"class":"authority","data":"certain","name":"innovation_us.lnk","ttl":1690,"type":"Program"},{"class":"supports","data":"support","name":"survey_canada.pdf","ttl":2384,"type":"supports"}],"header_flags":["Canadian","partnerships"],"id":"companies","op_code":"Centre","question":{"class":"laboratory","name":"promote.xls","registered_domain":"improve.edu","subdomain":"laboratory.edu","top_level_domain":"support.biz","type":"To"},"resolved_ip":["219.193.95.83","183.248.238.203","183.212.32.242"],"response_code":"Government","type":"new"},"ecs":{"version":"8.5.9"},"error":{"code":"from","message":"problems"},"event":{"action":"stays","category":["file","threat","threat","configuration"],"code":"tools","created":"2023-03-03T12:27:59.722082Z","dataset":"participating","duration":2622,"end":"2023-02-25T07:46:55.722093Z","hash":"commercial","id":"7RvYOONubLrwavDDt8y8MG","ingested":"2023-02-08T04:49:28.722101Z","kind":"pipeline_error","module":"security","original":"to","outcome":"failure","provider":"NBS","reason":"One","reference":"technical","risk_score":2676.56,"risk_score_norm":2372.24,"sequence":3028,"severity":236,"start":"2023-02-09T00:01:45.722132Z","timezone":"emerging","type":["access","error","group"],"url":"The"},"email":{"attachments":[{"file":{"extension":"more","hash":{"md5":"387aadbcfcb44054739065f78b638dd7","sha1":"710825a99960bbb1046645a1405055e2b3c0a364","sha256":"a7aa24f2a1c0008d7f363bdb1663b0319ddedaa09aee8359f07b354e17d4b478","sha384":"ca0bef9d3546122330050fc03cbb22221b63e4b19721da41476632216a71295a45d52551d104ed44c810fc3a4207ad4a","sha512":"3b890edb8d45804d35185b1c2ed0c726b6ccdbe4e2c0ad117c6fe2f81020a11721db0b1b629ad1f38eac0daf59c986af6d1b1631e2f9b13e482bb8ca9f3c5b50","ssdeep":"55376:ib5pUru1tnFTTdZT9RtAQOOJ:0Gl49qcPUPDY0JP1FLtPtO9sw63sp2I4bSrbf0oiRKC","tlsh":"but"},"mime_type":"with","name":"problems_problems_them.exe","size":3849}},{"file":{"extension":"constantly","hash":{"md5":"08f6657f69e46735805a6a9f4306d769","sha1":"03b81380a6ba6c15864c6ffe8f99cb224cd2e7a6","sha256":"b30327cd0cb5ffb60576ead91e462e567e6d2187c7d814b8d6c8d7c2ffc2083f","sha384":"5548e48c13fc548575aa76da544b49d1febb8a28935eeff60cb02cce84cee6280da9c15798a469f6be285722b9c6a0e9","sha512":"e5b51e8b4a9b4861190820d7088990c5d96f77e6b75b605ede5b53bdf782460b696f80aa48941c6c42e51799a37a5b48d9480f9d5b711b01b81b650979196591","ssdeep":"80613:DDEhP81fsBJeftRcboOys:4sHL2ZnyVCVPQXE8RYli4tbw2AmwGveu5zrGAKAbR8OPdY7e5a5FnBI5RX","tlsh":"Centre"},"mime_type":"development","name":"determine_product_by.lnk","size":2617}}],"bcc":{"address":"our@website.com"},"cc":{"address":"environment@edge.edu"},"content_type":"website","delivery_timestamp":"2023-02-24T13:44:52.722525Z","direction":"by","from":{"address":"levels@emerging.edu"},"local_id":"2FDyEYnVsLr87obaF6hMFe","message_id":"1m6VmJivZoNGj7UhHWcT2L","origination_timestamp":"2023-02-07T02:32:37.722581Z","reply_to":{"address":"canadian@participating.com"},"sender":{"address":"innovation@government.edu"},"subject":"One","to":{"address":"transition@innovative.ca"},"x_mailer":"industry","parent":{"bcc":{"address":"cutting@order.biz"},"cc":{"address":"stays@private.edu"},"from":{"address":"learn@innovations.ca"},"message_id":"48WrSmvrHQ3lbZTBGtM7tR","origination_timestamp":"2023-03-02T08:44:34.722638Z","subject":"constantly","to":{"address":"innovation@also.com"},"source":"56.245.44.204","destination":"41.111.44.54"}},"faas":{"coldstart":false,"execution":"other","id":"security","name":"determine_innovation_product.doc","trigger":{"request_id":"2WFRF9d6FPhcBHHODUI094","type":"other"},"version":"8.3.6"},"file":{"accessed":"2023-02-24T13:43:59.722712Z","attributes":["Program","the"],"created":"2023-02-24T14:08:13.722725Z","ctime":"2023-02-18T10:50:15.722729Z","device":"across","directory":"invite/private/selling/academia/testing/all","drive_letter":"complex","extension":"by","fork_name":"more.lnk","gid":"defence","group":"USERS","inode":"the.com","mime_type":"innovative","mode":"BCIP","mtime":"2023-02-17T15:19:05.722770Z","name":"innovation_commercial_companies.jpg","owner":"technologies","path":"new","size":1283,"target_path":"tools","type":"symlink","uid":"performs","code_signature":{"digest_algorithm":"md5","exists":true,"signing_id":"6HSSag3Kmn46lcWUSsKYX5","status":"We","subject_name":"website.exe","team_id":"3Lg2w72VcR02SJtDKHjOgE","timestamp":"2023-02-28T02:01:39.722853Z","trusted":true,"valid":false},"elf":{"architecture":"To","byte_order":"do","cpu_type":"complex","creation_date":"their","exports":["levels","security","constantly"],"header":{"abi_version":"4.5.5","class":"commercial","data":"experts","entrypoint":1592,"object_version":"6.2.5","os_abi":"support","type":"art","version":"6.5.5"},"imports":["state","market"],"sections":[{"chi2":1754,"entropy":3832,"flags":"learn","name":"in_visit_government.gif","physical_offset":"Program","physical_size":2179,"type":"product","virtual_address":1024,"virtual_size":2881},{"chi2":1305,"entropy":330,"flags":"supports","name":"on_role.xls","physical_offset":"environment","physical_size":2178,"type":"vendors","virtual_address":2415,"virtual_size":162}],"segments":[{"chi2":3188,"entropy":4056,"flags":"survey","name":"visit_testing.xls","physical_offset":"technical","physical_size":3890,"type":"cutting","virtual_address":1610,"virtual_size":770},{"chi2":3569,"entropy":1407,"flags":"in","name":"about_collaborating.jpg","physical_offset":"private","physical_size":684,"type":"transition","virtual_address":927,"virtual_size":1203}],"shared_libraries":["emerging"],"telfhash":"To"},"hash":{"md5":"c92ccc0d54e43f7677bfc15caca69639","sha1":"3cdec5ebd2e30848111b4028fb82ae7a683f03c1","sha256":"6b7c4234f0a4ed0d9ea9bd9aa516d0a6d6110abfaef0103a84a6deb8a1b57dae","sha384":"553d2d110f6b4b4c7e8bcb2181999f78e25b32f53a4e103d57ef8f694d744eabe8100654e46233c18dc3f5b8086bf4b5","sha512":"04ddfc4e22748e58aab39fa43e6d958d4b31b529372d9995735efe7702d829c6a9ec456c584d6768bde3a8c4af2ae46d1bbe2163429634671277682401f3d71d","ssdeep":"94254:mDY3bfS083SuwbQsBKPtY8UKoa2Bi1YIy1ri2TbFQsus5:rTYETjjoNJp7St3OznQNBlx6UlPHxYgTqAgv5PRyVnQdp6AJz5SQ2","tlsh":"learn"},"pe":{"architecture":"promote","company":"survey","description":"testing","file_version":"website_enhanced.jpg","imphash":"innovative","original_file_name":"companies_evaluate.jpg","pehash":"levels","product":"authority"}},"group":{"domain":"this.ca","id":"provide","name":"across_technologies.ppt"},"host":{"id":"Innovation","ip":["7.200.171.180","228.75.103.153","156.112.46.9","138.81.247.35"],"mac":["2EF20E96C89F","7328C1E901EE","A13C5D27EAEB"],"name":"one_goods_the.exe","domain":"assist.edu","type":"The"},"http":{"request":{"body":{"bytes":3039,"content":"key"},"bytes":790,"id":"stays","method":"testing","mime_type":"constantly","referrer":"are"},"response":{"body":{"bytes":394,"content":"selling"},"bytes":1052,"mime_type":"determine","status_code":2418},"version":"8.3.3"},"organization":{"id":"159","name":"PacifiCan"},"process":{"args":["us","private"],"args_count":1617,"command_line":"support","end":"2023-02-28T07:27:10.723379Z","entity_id":"2nWatCfmvVkxY24FFEhiK2","env_vars":{"key_a":"commercial","key_b":"Canada","key_c":"emerging","key_d":"Cyber"},"executable":"provide","exit_code":3813,"interactive":false,"name":"market_provide_enhanced.lnk","parent":[{"args":["defence","Government","authority"],"args_count":1694,"command_line":"Government","end":"2023-02-20T22:48:36.723455Z","entity_id":"16369jCo4nhsigPZZze5tl","env_vars":{"key_a":"Cyber","key_b":"cutting","key_c":"market","key_d":"support"},"executable":"to","exit_code":397,"interactive":false,"name":"security.lnk","pid":3509,"same_as_process":true,"start":"2023-02-23T21:36:58.723513Z","user":{"id":"by","name":"goods.pdf"}}],"pid":2343,"same_as_process":false,"start":"2023-02-07T04:04:53.723533Z","title":"tools","uptime":1591,"user":{"id":"technologies","name":"provide.xls"},"working_directory":"also/partnerships"},"registry":{"data":{"bytes":"them","strings":["partners"],"type":"private"},"hive":"in","key":"support","path":"participating","value":"product"},"related":{"hash":["goods","the","about"],"hosts":["laboratory.ca"],"ip":["176.61.189.21","110.51.188.211","254.243.102.87","32.27.127.64"],"user":["admin","admin","user","user"],"id":"in","uri":["https://improve.edu/Cyber/about/support/companies/The","http://one.ca/constantly/feedback/supports/cutting","http://complex.ca/potential/government/are/from/website/work"],"signature":["constantly","website","in","complex"]},"server":{"ip":"61.166.142.138","address":"private","domain":"levels.edu"},"source":{"address":"website","bytes":1940,"domain":"authority.ca","geo":{"city_name":"working.doc","continent_code":"One","continent_name":"tools.ppt","country_iso_code":"goods","country_name":"all_visit_visit.jpg","location":{"lon":2738.83,"lat":1984.93},"name":"innovations_product.exe","postal_code":"supports","region_iso_code":"country","region_name":"emerging_engaging_support.ppt","timezone":"authority"},"ip":"89.170.190.111","mac":"1a:14:80:69:8d:bd","nat":{"ip":"133.122.247.130","port":1466},"packets":2652,"port":3847},"threat":{"feed":{"dashboard_id":"2WlBccfeR5zjfohU7deHHJ","description":"One","name":"tools_development.gif","reference":"working"},"framework":"Custom","group":{"alias":["provide"],"id":"goods","name":"security_we.doc","reference":"laboratory"},"indicator":{"confidence":"their","description":"Guarantee of Rights and Freedoms.","email":{"address":"learn"},"provider":"helps","reference":"examine","scanner_stats":1291,"sightings":2492,"ip":"81.10.87.39","type":"goods","first_seen":"2023-02-28T01:11:29.723862Z","last_seen":"2023-02-28T23:00:50.723867Z"},"software":{"alias":["new"],"id":"us","name":"services.gif","platform":["about","feedback","also","them"],"reference":"with","type":"technologies"},"tactic":{"id":"TA0005","name":"Defense Evasion","reference":"working"},"technique":{"id":"T1583.004","name":"Server","reference":"key"}},"tls":{"version":"4.2.0","version_protocol":"7.0.3","client":{"server_name":"innovation_one_performs.jpg","ja3":"feedback"},"server":{"ja3s":"open"}},"url":{"domain":"one.ca","extension":"more","fragment":"collaborating","full":"helps","original":"work","password":"us","path":"evaluate","port":2270,"query":"Program","registered_domain":"authority.com","scheme":"all","subdomain":"authority.ca","top_level_domain":"the.edu","username":"admin"},"user":{"domain":"in.biz","email":"in@build.edu","full_name":"canadian_canadian.gif","group":{"domain":"potential.edu","id":"all","name":"commercial_emerging.xls"},"hash":"stays","id":"problems","name":"innovations","roles":["Centre","private"]},"user_agent":{"device":{"name":"collaborating_of.pdf"},"name":"innovations_survey.jpg","original":"Mozilla/5.0 (Linux; Android 10; SM-G980F Build/QP1A.190711.020; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/78.0.3904.96 Mobile Safari/537.36","os":{"family":"product","full":"Build","kernel":"across","name":"improve.pdf","platform":"product","type":"supports","version":"7.1.0"},"version":"7.1.3"},"vulnerability":{"category":["Program"],"classification":"stays","description":"Cyber","enumeration":"levels","id":"government","reference":"technical","report_id":"5sfsmb4aCirAN94KqrVjzh"}},"1JFI6F7Q9K9V1fRJcFfDXt":{"timestamp":"2023-02-24T16:54:10.070705Z","labels":{"key_a":"academia","key_b":"experts"},"tags":["do","constantly","technologies","country"],"howler":{"id":"1JFI6F7Q9K9V1fRJcFfDXt","analytic":"HERETIC","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Impact","hash":"a09cee6099dd11609ba76181b117f85beff3d003d8dc55137c28baa55db4ad26","related":["complex","role","more","examine"],"reliability":1439.77,"severity":2016.4,"volume":2778.56,"confidence":3607.65,"score":3926.18,"status":"open","scrutiny":"unseen","escalation":"alert","assessment":null,"comment":[{"id":"7cbjcGZoGaBkp6ecjMMmd2","timestamp":"2023-02-06T14:31:51.070886Z","modified":"2023-02-16T06:58:59.070891Z","value":"Freedom of thought, belief, opinion and expression, including freedom of the press and other media of communication.","user":"user"},{"id":"8guKldQYgSe53rBJjxBMD","timestamp":"2023-02-11T11:29:50.070918Z","modified":"2023-02-25T13:08:53.070922Z","value":"Either English or French may be used by any person in, or in any pleading in or process issuing from, any court of New Brunswick.","user":"shawnh"},{"id":"73TXYp1Dz06U3wN4dhCDl6","timestamp":"2023-02-04T15:41:48.070946Z","modified":"2023-02-05T07:15:14.070950Z","value":"Proceedings of Parliament.","user":"shawnh"},{"id":"6MNc2w2mf5gBEJ6hFx3u6R","timestamp":"2023-02-04T01:56:36.070973Z","modified":"2023-02-26T04:17:48.070976Z","value":"Freedom of conscience and religion.","user":"admin"},{"modified":"2023-03-10T14:55:05.570993Z","id":"59NJ4OndokNqbIV22abGQh","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:05.570934Z"},{"modified":"2023-03-10T14:55:44.927387Z","id":"77HhgVbRs9kIlNmy79BUfK","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:44.927347Z"},{"modified":"2023-03-10T15:11:50.423487Z","id":"7TKJJm1YYD1GRvgMujAms0","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:50.423439Z"},{"modified":"2023-03-10T15:12:36.383598Z","id":"1M1zK2ZPcwwS3HY1PpFGxJ","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:36.383545Z"},{"modified":"2023-03-10T15:13:06.817431Z","id":"5XNyjOCrbViHvM4HLFEWPl","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:06.817383Z"},{"modified":"2023-03-10T15:13:30.522232Z","id":"7Tz8A9B99jFQZGKFkoZj0Z","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:30.522194Z"},{"modified":"2023-03-10T15:14:25.763128Z","id":"76JvwCroOaaiSlawyTtFqN","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:25.763092Z"},{"modified":"2023-03-10T15:14:52.439429Z","id":"4uSas34GU1LVkwIECf5ipp","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:52.439386Z"},{"modified":"2023-03-10T15:19:13.603115Z","id":"7XuDz857LAC5dsnKbo4ppX","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:13.603034Z"},{"modified":"2023-03-10T15:20:06.408865Z","id":"5laZuxcfuup5wboRFxXn5k","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:06.408696Z"},{"modified":"2023-03-10T15:21:44.516657Z","id":"6XK3jiZqP7Zq24KYpm9ONO","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:44.516542Z"},{"modified":"2023-03-10T15:26:33.260259Z","id":"13YFB2qHC4Sx9Q28KMXvii","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:33.260214Z"},{"modified":"2023-03-10T15:31:04.928959Z","id":"1nAaijncU6wWSXWMyhUvv8","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:04.928909Z"},{"modified":"2023-03-10T15:34:19.462664Z","id":"3a1fvfKenooE11KALULCUv","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:19.462611Z"},{"modified":"2023-03-10T15:40:30.232681Z","id":"1L0L7D4WsFlNJD8yyK7I2u","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:30.232638Z"}],"log":[{"timestamp":"2023-02-09T02:49:01.070986Z","key":"Government","explanation":"Anyone whose rights or freedoms, as guaranteed by this Charter, have been infringed or denied may apply to a court of competent jurisdiction to obtain such remedy as the court considers appropriate and just in the circumstances.","new_value":"market","type":"set","previous_value":"Canadian","user":"admin"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"59NJ4OndokNqbIV22abGQh\\", \\"timestamp\\": \\"2023-03-10T14:55:05.570934Z\\", \\"modified\\": \\"2023-03-10T14:55:05.570993Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:05.659782Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"77HhgVbRs9kIlNmy79BUfK\\", \\"timestamp\\": \\"2023-03-10T14:55:44.927347Z\\", \\"modified\\": \\"2023-03-10T14:55:44.927387Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:45.006492Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7TKJJm1YYD1GRvgMujAms0\\", \\"timestamp\\": \\"2023-03-10T15:11:50.423439Z\\", \\"modified\\": \\"2023-03-10T15:11:50.423487Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:50.494246Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1M1zK2ZPcwwS3HY1PpFGxJ\\", \\"timestamp\\": \\"2023-03-10T15:12:36.383545Z\\", \\"modified\\": \\"2023-03-10T15:12:36.383598Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:36.487991Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5XNyjOCrbViHvM4HLFEWPl\\", \\"timestamp\\": \\"2023-03-10T15:13:06.817383Z\\", \\"modified\\": \\"2023-03-10T15:13:06.817431Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:06.897163Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7Tz8A9B99jFQZGKFkoZj0Z\\", \\"timestamp\\": \\"2023-03-10T15:13:30.522194Z\\", \\"modified\\": \\"2023-03-10T15:13:30.522232Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:30.624039Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"76JvwCroOaaiSlawyTtFqN\\", \\"timestamp\\": \\"2023-03-10T15:14:25.763092Z\\", \\"modified\\": \\"2023-03-10T15:14:25.763128Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:25.849940Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4uSas34GU1LVkwIECf5ipp\\", \\"timestamp\\": \\"2023-03-10T15:14:52.439386Z\\", \\"modified\\": \\"2023-03-10T15:14:52.439429Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:52.510530Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7XuDz857LAC5dsnKbo4ppX\\", \\"timestamp\\": \\"2023-03-10T15:19:13.603034Z\\", \\"modified\\": \\"2023-03-10T15:19:13.603115Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:13.734856Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5laZuxcfuup5wboRFxXn5k\\", \\"timestamp\\": \\"2023-03-10T15:20:06.408696Z\\", \\"modified\\": \\"2023-03-10T15:20:06.408865Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:06.529685Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6XK3jiZqP7Zq24KYpm9ONO\\", \\"timestamp\\": \\"2023-03-10T15:21:44.516542Z\\", \\"modified\\": \\"2023-03-10T15:21:44.516657Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:44.603456Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"13YFB2qHC4Sx9Q28KMXvii\\", \\"timestamp\\": \\"2023-03-10T15:26:33.260214Z\\", \\"modified\\": \\"2023-03-10T15:26:33.260259Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:33.349618Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1nAaijncU6wWSXWMyhUvv8\\", \\"timestamp\\": \\"2023-03-10T15:31:04.928909Z\\", \\"modified\\": \\"2023-03-10T15:31:04.928959Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:05.010497Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3a1fvfKenooE11KALULCUv\\", \\"timestamp\\": \\"2023-03-10T15:34:19.462611Z\\", \\"modified\\": \\"2023-03-10T15:34:19.462664Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:19.544819Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1L0L7D4WsFlNJD8yyK7I2u\\", \\"timestamp\\": \\"2023-03-10T15:40:30.232638Z\\", \\"modified\\": \\"2023-03-10T15:40:30.232681Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:30.307831Z"}],"retained":"support","monitored":"determine","reported":"sizes","mitigated":"certain","outline":{"threat":"8.253.60.188","target":"open.biz","indicators":["edge_engaging_us.jpg","us_them.lnk","program.pdf","cutting_support_their.lnk"],"summary":"Official languages of New Brunswick."},"labels":{"assignments":["ADS4B"],"generic":["Documentation"]},"votes":{"benign":["all"],"obscure":["innovations","testing","government","survey"],"malicious":["Innovation"]},"dossier":{"key_a":"[\\"BCIP\\", \\"examine\\", \\"transition\\"]","key_b":"true","key_c":"[\\"open\\", \\"also\\"]"}},"assemblyline":{"antivirus":[{"type":"bringing","subtype":"country","value":"their","verdict":"safe"},{"type":"complex","subtype":"emerging","value":"innovative","verdict":"malicious"},{"type":"We","subtype":"security","value":"Cyber","verdict":"malicious"},{"type":"work","subtype":"engaging","value":"collaborating","verdict":"malicious"}],"attribution":[{"type":"goods","subtype":"are","value":"security","verdict":"safe"},{"type":"on","subtype":"marketplace","value":"participating","verdict":"suspicious"}],"behaviour":[{"type":"on","subtype":"more","value":"industry","verdict":"safe"},{"type":"website","subtype":"For","value":"One","verdict":"malicious"},{"type":"the","subtype":"goods","value":"cutting","verdict":"safe"}],"domain":[{"type":"our","subtype":"order","value":"from","verdict":"do"},{"type":"the","subtype":"sizes","value":"on","verdict":"tools"},{"type":"survey","subtype":"marketplace","value":"For","verdict":"experts"},{"type":"engaging","subtype":"across","value":"visit","verdict":"technical"}],"heuristic":[{"type":"with","subtype":"order","value":"collaborating","verdict":"info"}],"mitre":{"tactic":[{"type":"companies","subtype":"private","value":"BCIP","verdict":"info"}],"technique":[{"type":"invite","subtype":"open","value":"evaluate","verdict":"safe"},{"type":"services","subtype":"working","value":"authority","verdict":"malicious"},{"type":"authority","subtype":"other","value":"new","verdict":"safe"}]},"uri":[{"type":"more","subtype":"product","value":"their","verdict":"of"},{"type":"For","subtype":"supports","value":"do","verdict":"To"},{"type":"Innovation","subtype":"experts","value":"We","verdict":"this"},{"type":"certain","subtype":"academia","value":"services","verdict":"experts"}],"yara":[{"type":"innovations","subtype":"edge","value":"laboratory","verdict":"suspicious"},{"type":"but","subtype":"them","value":"participating","verdict":"safe"}]},"agent":{"id":"Canada","name":"work_open.lnk","type":"learn","version":"5.0.4"},"cbs":{"sharepoint":{"created":{"application":"The","user":"user"},"modified":{"application":"Centre","user":"admin"}}},"cloud":{"account":{"id":"q3pNsAEctypd0KijxyVxI","name":"programs_improve.jpg"},"availability_zone":"is","instance":{"id":"programs","name":"sizes_emerging_the.pdf"},"machine":{"type":"is"},"project":{"id":"defence","name":"promote_country_this.lnk"},"provider":"partnerships","region":"Build","service":{"name":"Microsoft Teams"},"tenant_id":"3cJC0MAUSHoZrvvakSqcAs"},"container":{"id":"programs","image":{"hash":{"all":["with"]},"name":"order_defence_to.lnk","tag":["edge"]},"labels":{"key_a":"enhanced"},"name":"government.jpg","runtime":"marketplace"},"destination":{"address":"technology","bytes":2954,"domain":"more.ca","geo":{"city_name":"technology.pdf","continent_code":"vendors","continent_name":"collaborating.gif","country_iso_code":"improve","country_name":"working_programs.jpg","location":{"lon":525.95,"lat":3828.58},"name":"in_state.exe","postal_code":"on","region_iso_code":"country","region_name":"selling_about.exe","timezone":"emerging"},"ip":"137.146.84.183","mac":"97:4f:51:10:0f:da","nat":{"ip":"50.6.55.90","port":2408},"packets":2722,"port":301},"dns":{"answers":[{"class":"with","data":"industry","name":"performs_product.lnk","ttl":2998,"type":"our"},{"class":"innovation","data":"promote","name":"vendors.jpg","ttl":1266,"type":"from"},{"class":"Centre","data":"all","name":"edge_country.pdf","ttl":3098,"type":"invite"}],"header_flags":["work","partnerships"],"id":"helps","op_code":"partnerships","question":{"class":"partners","name":"evaluate_do.ppt","registered_domain":"build.edu","subdomain":"environment.biz","top_level_domain":"constantly.ca","type":"government"},"resolved_ip":["188.70.30.93"],"response_code":"innovative","type":"One"},"ecs":{"version":"7.5.0"},"error":{"code":"partnerships","message":"performs"},"event":{"action":"development","category":["package","intrusion_detection","driver"],"code":"environment","created":"2023-03-02T22:04:54.071686Z","dataset":"other","duration":2129,"end":"2023-02-16T13:21:25.071696Z","hash":"defence","id":"1JFI6F7Q9K9V1fRJcFfDXt","ingested":"2023-02-17T18:50:34.071705Z","kind":"state","module":"on","original":"technologies","outcome":"unknown","provider":"NBS","reason":"experts","reference":"role","risk_score":269.15,"risk_score_norm":2013.06,"sequence":3886,"severity":857,"start":"2023-02-16T08:57:05.071733Z","timezone":"private","type":["admin","connection"],"url":"our"},"email":{"attachments":[{"file":{"extension":"levels","hash":{"md5":"eadc53a79dd6b73b39646ea1686d4bc0","sha1":"34a79ab46f780e0cc7d5ae4dcf039bf265db5fc0","sha256":"f7cbdc681708f9eff4fdde19b6908dd13f9aec0dd76302cd14193c865fd77dbe","sha384":"6fd5cd1b35a006e7bec26a88f3b8d3b7ea8798e22974fc1097ad5a5e761c3a3d4e0bbf067fc2621386ac72a2910948fd","sha512":"d0430720f10c3455b9dc93bc13ce171a30cb0a83305c931f75bbec68ecb7502a2f6f35e22661c246d84bdc758aada15afb8117922d4d674d07af2c462697f56c","ssdeep":"84375:89qZDxfBb45Gq79SNdu0j9aXketmU18PHGtGJv5:EdXzVrFPjjjMizBBx6pHDi","tlsh":"role"},"mime_type":"government","name":"determine_we_cutting.pdf","size":3607}},{"file":{"extension":"selling","hash":{"md5":"dc4969b783f7f0506f4858aa2198fb64","sha1":"026d8b832af8787be67961b2d43f5dd20f7abe34","sha256":"5b6b6c90e77f4d91f979882c81276eab977e910b44eeaf07dd06caaab5a404ef","sha384":"3b4bd719c20c2e25512a021ae88f141713f455a272a5303c4d4ee7aaf9a1a471326a1ba727b097b681520479f8ba25b0","sha512":"8f0c663cf806bfb292c0080c478bdfffe2eb5e2470044fb84e7a48151ac89d614ac90c16685972170bd6776ed413fd3b98868c55ed07754177f45dfca0330f73","ssdeep":"25861:knmXblCghgd4LPX8VYgB9r6714G61SmQBaz5zObDJoJvBy0jsPNgcG6X:0FnvYPaOqtIo0OAzeFIZIAQ1F9stQ5k5A","tlsh":"technologies"},"mime_type":"emerging","name":"certain_from_to.lnk","size":3254}}],"bcc":{"address":"support@key.biz"},"cc":{"address":"open@build.ca"},"content_type":"commercial","delivery_timestamp":"2023-02-15T16:26:00.072113Z","direction":"Canadian","from":{"address":"feedback@the.biz"},"local_id":"d9Bu05KGrpQRNit2YNheX","message_id":"7KQgd9IZ6KulOcJ60zmfVj","origination_timestamp":"2023-02-24T21:44:42.072163Z","reply_to":{"address":"edge@us.biz"},"sender":{"address":"visit@art.edu"},"subject":"The","to":{"address":"goods@this.ca"},"x_mailer":"about","parent":{"bcc":{"address":"determine@by.edu"},"cc":{"address":"performs@new.biz"},"from":{"address":"performs@working.edu"},"message_id":"4BF9hCBQnNd0jgMUFdCo4T","origination_timestamp":"2023-02-24T00:38:29.072214Z","subject":"Canadian","to":{"address":"we@vendors.biz"},"source":"53.252.182.3","destination":"208.76.145.75"}},"faas":{"coldstart":true,"execution":"companies","id":"defence","name":"collaborating_provide_of.ppt","trigger":{"request_id":"CtSu1XhGOJxgiUV82FIu8","type":"other"},"version":"6.5.7"},"file":{"accessed":"2023-02-05T17:09:23.072279Z","attributes":["all","experts","development"],"created":"2023-02-06T21:16:53.072293Z","ctime":"2023-02-10T15:13:57.072296Z","device":"to","directory":"improve/for/of/laboratory/innovation","drive_letter":"with","extension":"engaging","fork_name":"services.gif","gid":"the","group":"USERS","inode":"improve.biz","mime_type":"The","mode":"goods","mtime":"2023-02-19T02:06:23.072332Z","name":"survey_innovation.xls","owner":"We","path":"provide","size":870,"target_path":"innovation","type":"symlink","uid":"market","code_signature":{"digest_algorithm":"sha512","exists":false,"signing_id":"2FAoitGbrSPZvFAZVmVJgx","status":"vendors","subject_name":"sizes_cyber.exe","team_id":"6AY1bLCdBAMFdtXiY1ui1q","timestamp":"2023-03-09T03:49:57.072405Z","trusted":false,"valid":true},"elf":{"architecture":"supports","byte_order":"open","cpu_type":"working","creation_date":"in","exports":["vendors","engaging","For"],"header":{"abi_version":"7.3.8","class":"complex","data":"innovation","entrypoint":192,"object_version":"5.5.9","os_abi":"market","type":"all","version":"7.4.8"},"imports":["complex","survey"],"sections":[{"chi2":3194,"entropy":486,"flags":"companies","name":"supports_are_bcip.doc","physical_offset":"improve","physical_size":3138,"type":"participating","virtual_address":2187,"virtual_size":2916}],"segments":[{"chi2":2964,"entropy":2611,"flags":"For","name":"learn_testing_this.pdf","physical_offset":"support","physical_size":3307,"type":"transition","virtual_address":210,"virtual_size":2555}],"shared_libraries":["also","more","engaging","technical"],"telfhash":"Canadian"},"hash":{"md5":"b116a7977d5915b1f2e5c6d371753951","sha1":"48e7443419893c6511e72c643cbf156fe366c734","sha256":"154b5b2240bbbe9884663a5796f58c3d503cad89fb390eb07465bd89dafe54b0","sha384":"71b05f1738c5480d9cbb58f4d9e2835ff8bc490c97a6a9f8265807d60086e458869b2dbd1f471e1272caf6f293b7a2b8","sha512":"1159880bf8b2a436679521ede49d95892366c79b16669ad9bb601cdb486d257af6430bc7952cd9d25bca94c0867c9a4aca23bd77f81480f4c25904175c835f80","ssdeep":"58738:0cIPhRDnalf8P1Sjb7UNJqlFGeuHx6A4Bq6I0vs94:rZdpxg1EPvQ5mGR101SwdBfx4","tlsh":"role"},"pe":{"architecture":"evaluate","company":"goods","description":"stays","file_version":"helps_evaluate_from.xls","imphash":"product","original_file_name":"are.gif","pehash":"new","product":"country"}},"group":{"domain":"are.edu","id":"transition","name":"security_an_testing.exe"},"host":{"id":"We","ip":["38.16.244.134"],"mac":["EF515469F21B"],"name":"of_certain.jpg","domain":"feedback.edu","type":"For"},"http":{"request":{"body":{"bytes":2625,"content":"environment"},"bytes":151,"id":"provide","method":"collaborating","mime_type":"order","referrer":"industry"},"response":{"body":{"bytes":3910,"content":"do"},"bytes":2739,"mime_type":"all","status_code":3040},"version":"5.4.9"},"organization":{"id":"24","name":"WAGE"},"process":{"args":["survey","assist","edge","supports"],"args_count":2816,"command_line":"problems","end":"2023-03-10T08:23:15.072800Z","entity_id":"63rvr223kUyOxwm4aceRq6","env_vars":{"key_a":"technology","key_b":"also","key_c":"more"},"executable":"potential","exit_code":1346,"interactive":false,"name":"technologies.xls","parent":[{"args":["programs"],"args_count":3217,"command_line":"key","end":"2023-02-07T16:06:59.072856Z","entity_id":"11c8cp9EF4g6HKgtI6mCnB","env_vars":{"key_a":"authority","key_b":"market","key_c":"Cyber","key_d":"authority","key_e":"innovative"},"executable":"certain","exit_code":669,"interactive":true,"name":"performs_new_partners.pdf","pid":2962,"same_as_process":true,"start":"2023-03-04T13:48:35.072906Z","user":{"id":"enhanced","name":"one_across_survey.gif"}},{"args":["learn","assist"],"args_count":170,"command_line":"authority","end":"2023-02-11T12:01:38.072931Z","entity_id":"2250dLjJLQUPCAIM1Ogot2","env_vars":{"key_a":"potential"},"executable":"of","exit_code":2857,"interactive":false,"name":"the.gif","pid":1947,"same_as_process":true,"start":"2023-02-09T18:00:02.072971Z","user":{"id":"Government","name":"problems_determine.gif"}}],"pid":1377,"same_as_process":true,"start":"2023-02-20T12:45:35.072987Z","title":"The","uptime":2528,"user":{"id":"experts","name":"government_goods_also.pdf"},"working_directory":"to/support/government/are/levels/assist"},"registry":{"data":{"bytes":"vendors","strings":["do","companies","goods"],"type":"country"},"hive":"Canadian","key":"One","path":"companies","value":"companies"},"related":{"hash":["environment","industry","stays"],"hosts":["us.edu","selling.com","programs.biz","authority.biz"],"ip":["54.203.101.49","142.132.9.109","110.226.21.161"],"user":["user","user"],"id":"innovative","uri":["http://we.com/services/collaborating/problems/services","http://website.com/academia/Government/support/bringing","https://certain.ca/The/To","ftp://from.biz/laboratory/testing/development/industry/experts/levels"],"signature":["For","evaluate"]},"server":{"ip":"181.175.184.50","address":"country","domain":"provide.ca"},"source":{"address":"innovative","bytes":735,"domain":"to.ca","geo":{"city_name":"with_across_state.ppt","continent_code":"constantly","continent_name":"key.jpg","country_iso_code":"For","country_name":"services_innovative_do.gif","location":{"lon":504.67,"lat":3677.91},"name":"determine_technology.xls","postal_code":"enhanced","region_iso_code":"partnerships","region_name":"other_for_centre.lnk","timezone":"technologies"},"ip":"191.49.169.63","mac":"85:f8:ef:57:c3:df","nat":{"ip":"58.118.67.9","port":1509},"packets":2217,"port":2894},"threat":{"feed":{"dashboard_id":"2jVOw4i30uqIk7wEH3mHXE","description":"art","name":"us_new_market.doc","reference":"government"},"framework":"Custom","group":{"alias":["partnerships"],"id":"For","name":"the_centre.jpg","reference":"laboratory"},"indicator":{"confidence":"are","description":"Includes, where the number of those children so warrants, the right to have them receive that instruction in minority language educational facilities provided out of public funds.","email":{"address":"transition"},"provider":"market","reference":"feedback","scanner_stats":3766,"sightings":1441,"ip":"80.34.206.62","type":"the","first_seen":"2023-03-02T23:22:10.073271Z","last_seen":"2023-02-22T07:20:34.073276Z"},"software":{"alias":["promote","feedback"],"id":"We","name":"constantly.gif","platform":["across"],"reference":"We","type":"key"},"tactic":{"id":"TA0040","name":"Impact","reference":"laboratory"},"technique":{"id":"T1546.003","name":"Windows Management Instrumentation Event Subscription","reference":"by"}},"tls":{"version":"8.2.0","version_protocol":"5.1.1","client":{"server_name":"problems_cutting.xls","ja3":"more"},"server":{"ja3s":"are"}},"url":{"domain":"transition.biz","extension":"innovative","fragment":"work","full":"industry","original":"new","password":"The","path":"environment","port":3413,"query":"technologies","registered_domain":"edge.com","scheme":"all","subdomain":"private.edu","top_level_domain":"levels.edu","username":"user"},"user":{"domain":"promote.com","email":"environment@program.com","full_name":"evaluate_role_complex.lnk","group":{"domain":"provide.ca","id":"industry","name":"innovations_feedback_supports.xls"},"hash":"partnerships","id":"work","name":"cyber","roles":["transition","participating","invite"]},"user_agent":{"device":{"name":"provide_innovations_edge.doc"},"name":"key_partners.pdf","original":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.46","os":{"family":"One","full":"Canada","kernel":"laboratory","name":"technologies_certain.gif","platform":"support","type":"bringing","version":"5.5.3"},"version":"8.2.0"},"vulnerability":{"category":["security","private","market","commercial"],"classification":"our","description":"emerging","enumeration":"enhanced","id":"helps","reference":"laboratory","report_id":"2Em9BgRzmDxJeXKnhsxLE0"}},"1Pj9DsQJJi94e3z87UKK15":{"timestamp":"2023-03-08T16:48:20.233608Z","labels":{"key_a":"other","key_b":"provide"},"tags":["levels","private","development","To"],"howler":{"id":"1Pj9DsQJJi94e3z87UKK15","analytic":"HERETIC","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Lateral Movement","hash":"0e72a7c24251cfb687b6fac6cc38c6172dd7b0e780b1ac9e27a4139a7e07df84","related":["the"],"reliability":3652.06,"severity":1835.25,"volume":1352.76,"confidence":1160.52,"score":4023.8,"status":"open","scrutiny":"scanned","escalation":"hit","assessment":null,"comment":[{"id":"2PyoL27HTzTcWZ4J3ktght","timestamp":"2023-02-19T00:00:10.233790Z","modified":"2023-03-03T09:38:04.233796Z","value":"Equality Rights.","user":"admin"},{"modified":"2023-03-10T14:55:05.906327Z","id":"1Lb0hiyMLH9p4dGJ5OFMmb","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:05.906278Z"},{"modified":"2023-03-10T14:55:45.260954Z","id":"3qRxwhPhaDqwuIhmt4aqhJ","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:45.260875Z"},{"modified":"2023-03-10T15:11:50.733383Z","id":"5xfivHymAsvSR9O4dCMSeE","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:50.733342Z"},{"modified":"2023-03-10T15:12:36.749127Z","id":"Jek0dmaAAw1WzJeFBHgBT","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:36.749083Z"},{"modified":"2023-03-10T15:13:07.128988Z","id":"gE1kscm5j23sxSsDqSl8G","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:07.128948Z"},{"modified":"2023-03-10T15:13:30.851304Z","id":"EZLyrKn5893NM8Zxtw0Dk","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:30.851265Z"},{"modified":"2023-03-10T15:14:26.071869Z","id":"3cj4daQWMQWRkiT94KTWMd","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:26.071779Z"},{"modified":"2023-03-10T15:14:52.739003Z","id":"4ZbrfM0gRyoMyEnYzTarfx","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:52.738929Z"},{"modified":"2023-03-10T15:19:13.999933Z","id":"3ulkCyvjcUtjQb08NwTA34","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:13.999875Z"},{"modified":"2023-03-10T15:20:06.790926Z","id":"5J3k2NSs0YojQlasJYUkZV","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:06.790888Z"},{"modified":"2023-03-10T15:21:44.864808Z","id":"zgLzBBwg1hyZ9ToIKgH6F","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:44.864757Z"},{"modified":"2023-03-10T15:26:33.579030Z","id":"1VaKTjZHViXHBlb8cPk7Ut","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:33.578994Z"},{"modified":"2023-03-10T15:31:05.244549Z","id":"1NCZxHZs9rtNsIyL2ho0Ez","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:05.244484Z"},{"modified":"2023-03-10T15:34:19.800278Z","id":"1FR5ferriyGayAG2riUI5p","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:19.800234Z"},{"modified":"2023-03-10T15:40:30.531409Z","id":"2VXrzvnURzccqZUOVdSOGE","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:30.531375Z"}],"log":[{"timestamp":"2023-03-03T17:09:16.233808Z","key":"Centre","explanation":"Not to be denied reasonable bail without just cause.","new_value":"companies","type":"set","previous_value":"about","user":"user"},{"timestamp":"2023-03-02T12:09:27.233845Z","key":"art","explanation":"A declaration made under subsection shall cease to have effect five years after it comes into force or on such earlier date as may be specified in the declaration.","new_value":"role","type":"removed","previous_value":"their","user":"user"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1Lb0hiyMLH9p4dGJ5OFMmb\\", \\"timestamp\\": \\"2023-03-10T14:55:05.906278Z\\", \\"modified\\": \\"2023-03-10T14:55:05.906327Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:05.981243Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3qRxwhPhaDqwuIhmt4aqhJ\\", \\"timestamp\\": \\"2023-03-10T14:55:45.260875Z\\", \\"modified\\": \\"2023-03-10T14:55:45.260954Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:45.353903Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5xfivHymAsvSR9O4dCMSeE\\", \\"timestamp\\": \\"2023-03-10T15:11:50.733342Z\\", \\"modified\\": \\"2023-03-10T15:11:50.733383Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:50.814090Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"Jek0dmaAAw1WzJeFBHgBT\\", \\"timestamp\\": \\"2023-03-10T15:12:36.749083Z\\", \\"modified\\": \\"2023-03-10T15:12:36.749127Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:36.824904Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"gE1kscm5j23sxSsDqSl8G\\", \\"timestamp\\": \\"2023-03-10T15:13:07.128948Z\\", \\"modified\\": \\"2023-03-10T15:13:07.128988Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:07.207982Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"EZLyrKn5893NM8Zxtw0Dk\\", \\"timestamp\\": \\"2023-03-10T15:13:30.851265Z\\", \\"modified\\": \\"2023-03-10T15:13:30.851304Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:30.925422Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3cj4daQWMQWRkiT94KTWMd\\", \\"timestamp\\": \\"2023-03-10T15:14:26.071779Z\\", \\"modified\\": \\"2023-03-10T15:14:26.071869Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:26.139591Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4ZbrfM0gRyoMyEnYzTarfx\\", \\"timestamp\\": \\"2023-03-10T15:14:52.738929Z\\", \\"modified\\": \\"2023-03-10T15:14:52.739003Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:52.814782Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3ulkCyvjcUtjQb08NwTA34\\", \\"timestamp\\": \\"2023-03-10T15:19:13.999875Z\\", \\"modified\\": \\"2023-03-10T15:19:13.999933Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:14.091196Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5J3k2NSs0YojQlasJYUkZV\\", \\"timestamp\\": \\"2023-03-10T15:20:06.790888Z\\", \\"modified\\": \\"2023-03-10T15:20:06.790926Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:06.878079Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"zgLzBBwg1hyZ9ToIKgH6F\\", \\"timestamp\\": \\"2023-03-10T15:21:44.864757Z\\", \\"modified\\": \\"2023-03-10T15:21:44.864808Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:44.949950Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1VaKTjZHViXHBlb8cPk7Ut\\", \\"timestamp\\": \\"2023-03-10T15:26:33.578994Z\\", \\"modified\\": \\"2023-03-10T15:26:33.579030Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:33.668001Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1NCZxHZs9rtNsIyL2ho0Ez\\", \\"timestamp\\": \\"2023-03-10T15:31:05.244484Z\\", \\"modified\\": \\"2023-03-10T15:31:05.244549Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:05.326593Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1FR5ferriyGayAG2riUI5p\\", \\"timestamp\\": \\"2023-03-10T15:34:19.800234Z\\", \\"modified\\": \\"2023-03-10T15:34:19.800278Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:19.875810Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2VXrzvnURzccqZUOVdSOGE\\", \\"timestamp\\": \\"2023-03-10T15:40:30.531375Z\\", \\"modified\\": \\"2023-03-10T15:40:30.531409Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:30.608824Z"}],"retained":"learn","monitored":"technologies","reported":"vendors","mitigated":"more","outline":{"threat":"156.65.134.227","target":"8bdfcaa0c435588168a85160c004e7e2.gc.ca","indicators":["about_promote.jpg","selling_support_the.xls","certain.lnk","goods_selling.gif","government_innovative.gif","of_academia.lnk","visit_environment_examine.pdf","marketplace_emerging_across.ppt","bringing_stays_the.exe","with.exe","innovation.exe","visit_laboratory.pdf","one.xls","bcip_industry_centre.lnk","one_in_private.exe","program_selling_sizes.jpg","laboratory.ppt","build_state.lnk","technologies_work_selling.jpg"],"summary":"Whose first language learned and still understood is that of the English or French linguistic minority population of the province in which they reside, or."},"labels":{"assignments":["APA2B","CCID1A","ADS4B"],"generic":["Drive","Documentation","Danger","Super Teams"]},"votes":{"benign":["certain","edge","website","Build"],"obscure":["defence"],"malicious":["security","other","evaluate","invite"]},"dossier":{"key_a":"cyber"}},"assemblyline":{"antivirus":[{"type":"technical","subtype":"key","value":"academia","verdict":"malicious"},{"type":"technical","subtype":"of","value":"supports","verdict":"malicious"},{"type":"goods","subtype":"potential","value":"new","verdict":"malicious"},{"type":"examine","subtype":"certain","value":"supports","verdict":"info"}],"attribution":[{"type":"new","subtype":"of","value":"technical","verdict":"suspicious"},{"type":"our","subtype":"state","value":"role","verdict":"suspicious"},{"type":"Canada","subtype":"invite","value":"provide","verdict":"safe"}],"behaviour":[{"type":"their","subtype":"partnerships","value":"companies","verdict":"safe"},{"type":"work","subtype":"determine","value":"BCIP","verdict":"suspicious"},{"type":"Build","subtype":"about","value":"Government","verdict":"malicious"},{"type":"government","subtype":"on","value":"potential","verdict":"info"}],"domain":[{"type":"levels","subtype":"their","value":"open","verdict":"work"},{"type":"collaborating","subtype":"market","value":"potential","verdict":"supports"}],"heuristic":[{"type":"invite","subtype":"government","value":"on","verdict":"info"},{"type":"key","subtype":"but","value":"To","verdict":"safe"},{"type":"determine","subtype":"commercial","value":"open","verdict":"malicious"}],"mitre":{"tactic":[{"type":"edge","subtype":"from","value":"authority","verdict":"info"},{"type":"vendors","subtype":"innovative","value":"private","verdict":"malicious"},{"type":"partners","subtype":"Innovation","value":"helps","verdict":"malicious"},{"type":"private","subtype":"promote","value":"security","verdict":"malicious"}],"technique":[{"type":"by","subtype":"Government","value":"experts","verdict":"suspicious"}]},"uri":[{"type":"To","subtype":"innovation","value":"country","verdict":"BCIP"}],"yara":[{"type":"Centre","subtype":"Program","value":"sizes","verdict":"malicious"},{"type":"state","subtype":"product","value":"engaging","verdict":"info"},{"type":"all","subtype":"laboratory","value":"performs","verdict":"malicious"},{"type":"Centre","subtype":"us","value":"security","verdict":"malicious"}]},"agent":{"id":"are","name":"levels_one.doc","type":"learn","version":"5.3.3"},"cbs":{"sharepoint":{"created":{"application":"We","user":"user"},"modified":{"application":"edge","user":"admin"}}},"cloud":{"account":{"id":"4nDqsQTy77tGGxAwyQbUH9","name":"emerging_is.lnk"},"availability_zone":"visit","instance":{"id":"levels","name":"other_technology_the.exe"},"machine":{"type":"cutting"},"project":{"id":"transition","name":"other.jpg"},"provider":"private","region":"levels","service":{"name":"Microsoft Teams"},"tenant_id":"56kfBp710tw4XHTzxXe3sz"},"container":{"id":"enhanced","image":{"hash":{"all":["innovations","technology","sizes","on"]},"name":"to_partnerships.jpg","tag":["partners","collaborating"]},"labels":{"key_a":"cyber","key_b":"examine","key_c":"also","key_d":"on"},"name":"across.pdf","runtime":"this"},"destination":{"address":"commercial","bytes":2730,"domain":"goods.com","geo":{"city_name":"development_of_the.doc","continent_code":"Canada","continent_name":"government.lnk","country_iso_code":"cyber","country_name":"to.exe","location":{"lon":2490.28,"lat":1413.73},"name":"government_complex_but.doc","postal_code":"problems","region_iso_code":"work","region_name":"supports_canadian.pdf","timezone":"to"},"ip":"114.50.82.251","mac":"26:cd:2c:96:08:a0","nat":{"ip":"68.190.12.71","port":2458},"packets":1991,"port":680},"dns":{"answers":[{"class":"open","data":"determine","name":"this.exe","ttl":407,"type":"constantly"},{"class":"Centre","data":"is","name":"provide.jpg","ttl":2674,"type":"on"}],"header_flags":["helps"],"id":"about","op_code":"environment","question":{"class":"website","name":"promote.exe","registered_domain":"to.biz","subdomain":"sizes.ca","top_level_domain":"to.biz","type":"art"},"resolved_ip":["173.124.142.239","235.244.166.241"],"response_code":"technologies","type":"Innovation"},"ecs":{"version":"4.1.2"},"error":{"code":"defence","message":"Canada"},"event":{"action":"services","category":["file","registry"],"code":"authority","created":"2023-03-02T18:34:06.236276Z","dataset":"their","duration":1533,"end":"2023-02-22T18:42:18.236289Z","hash":"We","id":"1Pj9DsQJJi94e3z87UKK15","ingested":"2023-02-26T17:38:59.236298Z","kind":"state","module":"website","original":"technical","outcome":"failure","provider":"HBS","reason":"Innovation","reference":"private","risk_score":2548.63,"risk_score_norm":1828.6,"sequence":2455,"severity":1042,"start":"2023-03-07T04:52:23.236326Z","timezone":"marketplace","type":["access","group","admin","group"],"url":"constantly"},"email":{"attachments":[{"file":{"extension":"the","hash":{"md5":"7f2a1ed221e3394aabe3798e0dbe6cfe","sha1":"108cd15a8242211f9a22618e54968babf140ed7d","sha256":"84b1d300d6fdbd23d6b934c930c16a33e61c394a80b3d7f4bb5a363541828f5d","sha384":"87a4c364b18110e49d6fc65794ae6eceb7fa888f149fe07ecd2fd4c9c80a699f734b1ec2ad8f40f79501e922eebcc5be","sha512":"c42f481851795468e96b0c56cc732034e9ef6976fd96d47fc9b5946ef3d2abed8faf06a26b8cbb24566791183ec861e0b73f893e1f6c3a5d8ce7e7853cf205e7","ssdeep":"33225:zZEtCMefyxzVHBLI6eKfRNxqdyuEytbNlwrzEgjlUSRn1T9rcFlqrfTSzaRubJBe:mhatmHJ7hJqalICoZ7gFgMEHATryJimEOUQPcR6wy010cNEgaoPSytdkvfrl","tlsh":"survey"},"mime_type":"on","name":"transition.doc","size":2468}}],"bcc":{"address":"vendors@our.edu"},"cc":{"address":"support@innovative.ca"},"content_type":"sizes","delivery_timestamp":"2023-03-04T13:13:06.236697Z","direction":"also","from":{"address":"environment@by.edu"},"local_id":"4ZnA2gMWBTCNcytHZPCoOY","message_id":"6xDMDWzwCgkwmOM55y6ZVo","origination_timestamp":"2023-03-01T19:22:06.236802Z","reply_to":{"address":"experts@enhanced.com"},"sender":{"address":"transition@development.edu"},"subject":"edge","to":{"address":"bringing@evaluate.ca"},"x_mailer":"potential","parent":{"bcc":{"address":"work@we.ca"},"cc":{"address":"we@academia.biz"},"from":{"address":"constantly@this.edu"},"message_id":"2crEb58ttoAMHEvIJP4LF6","origination_timestamp":"2023-02-06T18:20:02.236899Z","subject":"innovative","to":{"address":"one@build.biz"},"source":"51.216.105.119","destination":"101.103.167.206"}},"faas":{"coldstart":true,"execution":"their","id":"innovative","name":"this_new_working.jpg","trigger":{"request_id":"6PkWhKTSswSygU5z3q0MYm","type":"other"},"version":"5.2.4"},"file":{"accessed":"2023-03-04T14:04:28.237048Z","attributes":["but"],"created":"2023-02-05T22:08:01.237066Z","ctime":"2023-03-04T05:09:45.237074Z","device":"by","directory":"supports/survey/marketplace/new/improve/art","drive_letter":"provide","extension":"Cyber","fork_name":"survey_support.gif","gid":"is","group":"ANALYSTS","inode":"market.edu","mime_type":"transition","mode":"academia","mtime":"2023-02-06T23:13:54.237147Z","name":"all_do_academia.doc","owner":"provide","path":"emerging","size":2405,"target_path":"helps","type":"file","uid":"transition","code_signature":{"digest_algorithm":"md5","exists":false,"signing_id":"3PIQo5ABKqjApbXD8QV7lV","status":"vendors","subject_name":"the.exe","team_id":"1wh6dnGvOy1GShsbLvmAEc","timestamp":"2023-02-22T00:26:27.237293Z","trusted":false,"valid":false},"elf":{"architecture":"new","byte_order":"For","cpu_type":"enhanced","creation_date":"Cyber","exports":["performs","is"],"header":{"abi_version":"4.5.7","class":"state","data":"commercial","entrypoint":1366,"object_version":"7.4.0","os_abi":"support","type":"an","version":"8.4.9"},"imports":["working","industry","participating"],"sections":[{"chi2":1004,"entropy":2824,"flags":"certain","name":"our_supports.jpg","physical_offset":"this","physical_size":2720,"type":"government","virtual_address":3225,"virtual_size":178},{"chi2":1391,"entropy":3472,"flags":"new","name":"assist.ppt","physical_offset":"participating","physical_size":164,"type":"services","virtual_address":1413,"virtual_size":2459}],"segments":[{"chi2":2209,"entropy":1719,"flags":"programs","name":"build_cyber_invite.exe","physical_offset":"market","physical_size":2717,"type":"For","virtual_address":3414,"virtual_size":3091},{"chi2":1848,"entropy":2928,"flags":"technical","name":"commercial_technology_programs.exe","physical_offset":"state","physical_size":764,"type":"technical","virtual_address":1012,"virtual_size":3096},{"chi2":1238,"entropy":3392,"flags":"their","name":"defence_partners_cyber.exe","physical_offset":"improve","physical_size":531,"type":"support","virtual_address":1241,"virtual_size":2782},{"chi2":1564,"entropy":898,"flags":"BCIP","name":"role_assist.doc","physical_offset":"technology","physical_size":382,"type":"marketplace","virtual_address":828,"virtual_size":4006}],"shared_libraries":["bringing"],"telfhash":"an"},"hash":{"md5":"daf386777cf289125df1428969bc44b7","sha1":"90312ed36062c1d5d093e3c75c70368cfe1d9915","sha256":"3bc73c9ea1da0d8eb7b012d92e807741511c92ab03cfbb4ca712008f2b752a83","sha384":"28e88725156c4e1fe1038285ed3da34693f9a80d6237c7196087b84cd3b11fbc141cdbe16a55cb8ccd14987770a7598f","sha512":"c930d9e485805a4ea44d73cf2f1b53b80de371d5e57f65a06f2799736c4f12cccb8df49387101242fe0292148662d14b32f56dc2c6f67e3bce81c193a6ad0dd0","ssdeep":"18451:4PrrvnYaBPhqGl4ujUEX3Es6oF3Ln:RV7KpjLXSQ8PHErwGb34crXYOOAoiz","tlsh":"Centre"},"pe":{"architecture":"problems","company":"We","description":"examine","file_version":"key_new_we.ppt","imphash":"technologies","original_file_name":"marketplace_examine.doc","pehash":"to","product":"order"}},"group":{"domain":"is.com","id":"role","name":"goods.lnk"},"host":{"id":"commercial","ip":["44.135.96.17","94.143.81.156"],"mac":["028D186A2FA6","DB68E8D6FC15","CD2E772048B8","A2174DFBAB06"],"name":"on.pdf","domain":"promote.ca","type":"engaging"},"http":{"request":{"body":{"bytes":3692,"content":"invite"},"bytes":956,"id":"Centre","method":"examine","mime_type":"bringing","referrer":"with"},"response":{"body":{"bytes":2497,"content":"technologies"},"bytes":1833,"mime_type":"country","status_code":193},"version":"4.1.1"},"organization":{"id":"134","name":"CIB"},"process":{"args":["them","key","innovative","laboratory"],"args_count":3162,"command_line":"bringing","end":"2023-03-02T09:42:16.238076Z","entity_id":"27g3sC1G0fWx3C2VPhlCXI","env_vars":{"key_a":"performs"},"executable":"examine","exit_code":4094,"interactive":true,"name":"their_other.ppt","parent":[{"args":["in","academia","state"],"args_count":2148,"command_line":"laboratory","end":"2023-02-27T23:33:46.238151Z","entity_id":"2oGPVhcfiXKldgufkU7ehv","env_vars":{"key_a":"For"},"executable":"services","exit_code":1295,"interactive":true,"name":"survey_them.ppt","pid":2727,"same_as_process":true,"start":"2023-03-02T04:16:43.238203Z","user":{"id":"transition","name":"innovation_assist_by.xls"}},{"args":["enhanced","partnerships","stays","We"],"args_count":1116,"command_line":"are","end":"2023-02-18T14:43:27.238237Z","entity_id":"7WH9WcLLGPZNf042qsqvMR","env_vars":{"key_a":"them","key_b":"assist","key_c":"more","key_d":"of"},"executable":"invite","exit_code":3978,"interactive":false,"name":"experts_levels_open.xls","pid":3546,"same_as_process":false,"start":"2023-03-07T11:13:50.238293Z","user":{"id":"security","name":"an_but.gif"}},{"args":["security","experts","on","We"],"args_count":205,"command_line":"key","end":"2023-02-18T12:54:14.238324Z","entity_id":"3sAmuldMfFClT3UEECdXvj","env_vars":{"key_a":"development"},"executable":"of","exit_code":1318,"interactive":true,"name":"improve.doc","pid":2564,"same_as_process":false,"start":"2023-02-11T01:51:52.238371Z","user":{"id":"survey","name":"key_new_we.exe"}}],"pid":3940,"same_as_process":true,"start":"2023-03-01T16:16:39.238389Z","title":"our","uptime":996,"user":{"id":"Centre","name":"selling_an_work.pdf"},"working_directory":"their/cyber/stays"},"registry":{"data":{"bytes":"this","strings":["country","edge","technologies","from"],"type":"on"},"hive":"constantly","key":"promote","path":"industry","value":"improve"},"related":{"hash":["technical"],"hosts":["invite.edu","participating.edu"],"ip":["9.55.204.5","176.209.224.135","58.167.236.219","253.231.78.183"],"user":["admin","admin"],"id":"One","uri":["ftp://by.com/Centre/collaborating/environment/their","http://potential.ca/industry/Centre/assist/testing","ftp://partnerships.edu/Program/innovation/technical"],"signature":["supports","about"]},"server":{"ip":"243.172.242.79","address":"working","domain":"companies.com"},"source":{"address":"provide","bytes":1220,"domain":"complex.biz","geo":{"city_name":"country.pdf","continent_code":"environment","continent_name":"technical_across_support.jpg","country_iso_code":"development","country_name":"survey_work.pdf","location":{"lon":1080.24,"lat":1634.62},"name":"edge_is.xls","postal_code":"Build","region_iso_code":"partners","region_name":"canadian_cutting_cutting.xls","timezone":"market"},"ip":"248.237.91.17","mac":"15:c2:45:9c:3d:36","nat":{"ip":"239.190.10.151","port":2388},"packets":1839,"port":617},"threat":{"feed":{"dashboard_id":"4tN7PifEqU2hIgI6Z5Qirw","description":"We","name":"invite_our.gif","reference":"industry"},"framework":"Custom","group":{"alias":["our","sizes","One"],"id":"feedback","name":"order_art_we.xls","reference":"them"},"indicator":{"confidence":"technology","description":"Aboriginal rights and freedoms not affected by Charter.","email":{"address":"this"},"provider":"We","reference":"innovative","scanner_stats":1502,"sightings":2688,"ip":"48.196.25.197","type":"new","first_seen":"2023-02-25T08:55:14.238717Z","last_seen":"2023-02-26T22:51:58.238723Z"},"software":{"alias":["Canadian","to","private"],"id":"of","name":"build.xls","platform":["bringing","bringing","Build","partnerships"],"reference":"their","type":"role"},"tactic":{"id":"TA0008","name":"Lateral Movement","reference":"art"},"technique":{"id":"T1014","name":"Rootkit","reference":"to"}},"tls":{"version":"7.4.7","version_protocol":"6.4.9","client":{"server_name":"sizes_invite.gif","ja3":"programs"},"server":{"ja3s":"is"}},"url":{"domain":"technical.edu","extension":"examine","fragment":"partnerships","full":"work","original":"helps","password":"partners","path":"improve","port":1877,"query":"technical","registered_domain":"defence.com","scheme":"collaborating","subdomain":"levels.ca","top_level_domain":"product.biz","username":"user"},"user":{"domain":"industry.com","email":"defence@commercial.com","full_name":"engaging_by_do.pdf","group":{"domain":"environment.edu","id":"tools","name":"examine.ppt"},"hash":"The","id":"services","name":"role","roles":["security"]},"user_agent":{"device":{"name":"program_partnerships.gif"},"name":"government_constantly_work.doc","original":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0","os":{"family":"this","full":"product","kernel":"working","name":"cutting_academia.pdf","platform":"levels","type":"examine","version":"5.1.3"},"version":"5.3.7"},"vulnerability":{"category":["state","academia","selling"],"classification":"defence","description":"supports","enumeration":"commercial","id":"state","reference":"their","report_id":"6Qh0sXsPj9H9irshU0uwmr"}},"42rpn1ZYE5ZcsIakdmOLgG":{"timestamp":"2023-02-05T10:14:04.850310Z","labels":{"key_a":"invite","key_b":"environment","key_c":"government"},"tags":["key","them"],"howler":{"id":"42rpn1ZYE5ZcsIakdmOLgG","analytic":"AssemblyLine","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Discovery","hash":"872cc3e773886912624f1345a8af7826bb3abfe43e8400fd848d94e5939dac3f","related":["by","role","laboratory","visit"],"reliability":520.36,"severity":1808.75,"volume":1949.47,"confidence":1280.34,"score":3088.73,"status":"open","scrutiny":"unseen","escalation":"hit","assessment":null,"comment":[{"id":"3qkLrz7ieYwpcnUQFbmYzi","timestamp":"2023-02-15T15:29:04.850505Z","modified":"2023-02-28T22:47:12.850511Z","value":"Fundamental Freedoms.","user":"admin"},{"id":"6xvUqRs1MBFc39ks8PGx1B","timestamp":"2023-02-25T01:33:30.850539Z","modified":"2023-02-06T18:25:07.850543Z","value":"Except in the case of an offence under military law tried before a military tribunal, to the benefit of trial by jury where the maximum punishment for the offence is imprisonment for five years or a more severe punishment.","user":"user"},{"id":"68OQvGOBDe23Wisd7OOGS7","timestamp":"2023-02-25T19:20:44.850568Z","modified":"2023-02-26T12:09:13.850571Z","value":"Every citizen of Canada has the right to enter, remain in and leave Canada.","user":"admin"},{"id":"5I5dLe4F3lBxAUsSwvA1kX","timestamp":"2023-02-11T17:20:14.850595Z","modified":"2023-02-12T15:57:29.850598Z","value":"To move to and take up residence in any province.","user":"shawnh"},{"modified":"2023-03-10T14:55:06.191969Z","id":"1gF35DsrK1fwerppsvwTzU","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:06.191918Z"},{"modified":"2023-03-10T14:55:45.595637Z","id":"4Ckcdh3FBkRosql5KrpVel","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:45.595586Z"},{"modified":"2023-03-10T15:11:51.038969Z","id":"ujogjswRO0RJbwieCh8ka","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:51.038932Z"},{"modified":"2023-03-10T15:12:37.063113Z","id":"4maAOA7iVVLgCJaIo2pbwU","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:37.063068Z"},{"modified":"2023-03-10T15:13:07.446450Z","id":"7PC7vV1594F6SR3SfyWu2Z","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:07.446416Z"},{"modified":"2023-03-10T15:13:31.172308Z","id":"3KIgnBmgI4quIcXtLeoFOH","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:31.172264Z"},{"modified":"2023-03-10T15:14:26.376969Z","id":"7k6bXmAS3IMV3j7c5r0NwK","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:26.376931Z"},{"modified":"2023-03-10T15:14:53.074277Z","id":"1lXDoHb4Nhl2w6hMq3U2kg","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:53.074216Z"},{"modified":"2023-03-10T15:19:14.373800Z","id":"2fYYGVLXIALow3ltWbl3oW","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:14.373748Z"},{"modified":"2023-03-10T15:20:07.200024Z","id":"5YEhSKluyviMVICjrzXaJY","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:07.199974Z"},{"modified":"2023-03-10T15:21:45.218537Z","id":"66CQYbt36vnI8BtnRMjhFZ","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:45.218497Z"},{"modified":"2023-03-10T15:26:33.900181Z","id":"6NDPsx01C0ODe95m3kYSOc","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:33.900147Z"},{"modified":"2023-03-10T15:31:05.566525Z","id":"7T3CtFNsc724wpoDfeU4MJ","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:05.566475Z"},{"modified":"2023-03-10T15:34:20.102839Z","id":"5TIxYirz03r0gGgA7rPkQV","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:20.102801Z"},{"modified":"2023-03-10T15:40:30.850086Z","id":"6A4o9tqGUEMROQYQTavpu7","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:30.850019Z"}],"log":[{"timestamp":"2023-02-22T09:29:51.850607Z","key":"them","explanation":"Treatment or punishment.","new_value":"provide","type":"appended","previous_value":"of","user":"user"},{"timestamp":"2023-02-19T07:10:02.850627Z","key":"cutting","explanation":"Operation of exception.","new_value":"partners","type":"removed","previous_value":"technologies","user":"admin"},{"timestamp":"2023-02-21T14:36:47.850645Z","key":"is","explanation":"The statutes, records and journals of the legislature of New Brunswick shall be printed and published in English and French and both language versions are equally authoritative.","new_value":"laboratory","type":"removed","previous_value":"constantly","user":"user"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1gF35DsrK1fwerppsvwTzU\\", \\"timestamp\\": \\"2023-03-10T14:55:06.191918Z\\", \\"modified\\": \\"2023-03-10T14:55:06.191969Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:06.259703Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4Ckcdh3FBkRosql5KrpVel\\", \\"timestamp\\": \\"2023-03-10T14:55:45.595586Z\\", \\"modified\\": \\"2023-03-10T14:55:45.595637Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:45.678436Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"ujogjswRO0RJbwieCh8ka\\", \\"timestamp\\": \\"2023-03-10T15:11:51.038932Z\\", \\"modified\\": \\"2023-03-10T15:11:51.038969Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:51.104692Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4maAOA7iVVLgCJaIo2pbwU\\", \\"timestamp\\": \\"2023-03-10T15:12:37.063068Z\\", \\"modified\\": \\"2023-03-10T15:12:37.063113Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:37.143421Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7PC7vV1594F6SR3SfyWu2Z\\", \\"timestamp\\": \\"2023-03-10T15:13:07.446416Z\\", \\"modified\\": \\"2023-03-10T15:13:07.446450Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:07.524029Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3KIgnBmgI4quIcXtLeoFOH\\", \\"timestamp\\": \\"2023-03-10T15:13:31.172264Z\\", \\"modified\\": \\"2023-03-10T15:13:31.172308Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:31.267170Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7k6bXmAS3IMV3j7c5r0NwK\\", \\"timestamp\\": \\"2023-03-10T15:14:26.376931Z\\", \\"modified\\": \\"2023-03-10T15:14:26.376969Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:26.446464Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1lXDoHb4Nhl2w6hMq3U2kg\\", \\"timestamp\\": \\"2023-03-10T15:14:53.074216Z\\", \\"modified\\": \\"2023-03-10T15:14:53.074277Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:53.212414Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2fYYGVLXIALow3ltWbl3oW\\", \\"timestamp\\": \\"2023-03-10T15:19:14.373748Z\\", \\"modified\\": \\"2023-03-10T15:19:14.373800Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:14.462468Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5YEhSKluyviMVICjrzXaJY\\", \\"timestamp\\": \\"2023-03-10T15:20:07.199974Z\\", \\"modified\\": \\"2023-03-10T15:20:07.200024Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:07.291923Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"66CQYbt36vnI8BtnRMjhFZ\\", \\"timestamp\\": \\"2023-03-10T15:21:45.218497Z\\", \\"modified\\": \\"2023-03-10T15:21:45.218537Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:45.305702Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6NDPsx01C0ODe95m3kYSOc\\", \\"timestamp\\": \\"2023-03-10T15:26:33.900147Z\\", \\"modified\\": \\"2023-03-10T15:26:33.900181Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:33.979421Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7T3CtFNsc724wpoDfeU4MJ\\", \\"timestamp\\": \\"2023-03-10T15:31:05.566475Z\\", \\"modified\\": \\"2023-03-10T15:31:05.566525Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:05.650632Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5TIxYirz03r0gGgA7rPkQV\\", \\"timestamp\\": \\"2023-03-10T15:34:20.102801Z\\", \\"modified\\": \\"2023-03-10T15:34:20.102839Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:20.182266Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6A4o9tqGUEMROQYQTavpu7\\", \\"timestamp\\": \\"2023-03-10T15:40:30.850019Z\\", \\"modified\\": \\"2023-03-10T15:40:30.850086Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:30.934349Z"}],"retained":"Innovation","monitored":"technology","reported":"visit","mitigated":"innovative","outline":{"threat":"68.53.228.124","target":"working.edu","indicators":["private_constantly.pdf","partners_tools.exe","bringing.ppt","emerging_country.lnk","technology_state_technical.pdf"],"summary":"Multicultural heritage."},"labels":{"assignments":["APA2B"],"generic":["Danger","Outlook","Documentation"]},"votes":{"benign":["across","goods"],"obscure":["determine","Centre","Canadian","art"],"malicious":["academia","their","art","on"]},"dossier":{"key_a":"[\\"country\\", \\"improve\\", \\"determine\\", \\"provide\\"]","key_b":"false","key_c":"true","key_d":"false"}},"assemblyline":{"antivirus":[{"type":"more","subtype":"sizes","value":"role","verdict":"info"},{"type":"innovations","subtype":"We","value":"improve","verdict":"info"},{"type":"technologies","subtype":"this","value":"Cyber","verdict":"malicious"}],"attribution":[{"type":"transition","subtype":"to","value":"an","verdict":"info"}],"behaviour":[{"type":"their","subtype":"performs","value":"technology","verdict":"malicious"},{"type":"industry","subtype":"edge","value":"their","verdict":"malicious"},{"type":"survey","subtype":"performs","value":"working","verdict":"suspicious"}],"domain":[{"type":"role","subtype":"emerging","value":"partnerships","verdict":"levels"},{"type":"transition","subtype":"our","value":"new","verdict":"their"},{"type":"support","subtype":"BCIP","value":"provide","verdict":"do"}],"heuristic":[{"type":"open","subtype":"market","value":"us","verdict":"suspicious"},{"type":"product","subtype":"other","value":"sizes","verdict":"safe"}],"mitre":{"tactic":[{"type":"The","subtype":"assist","value":"participating","verdict":"safe"}],"technique":[{"type":"supports","subtype":"partners","value":"examine","verdict":"malicious"}]},"uri":[{"type":"commercial","subtype":"from","value":"levels","verdict":"support"},{"type":"services","subtype":"new","value":"cyber","verdict":"levels"}],"yara":[{"type":"For","subtype":"authority","value":"environment","verdict":"info"}]},"agent":{"id":"Program","name":"our_order_collaborating.pdf","type":"learn","version":"5.4.7"},"cbs":{"sharepoint":{"created":{"application":"Innovation","user":"user"},"modified":{"application":"cutting","user":"admin"}}},"cloud":{"account":{"id":"1dNaHa1ctUt7bxshFjyMV7","name":"cyber.gif"},"availability_zone":"services","instance":{"id":"Government","name":"across_experts_in.pdf"},"machine":{"type":"are"},"project":{"id":"working","name":"edge.jpg"},"provider":"laboratory","region":"but","service":{"name":"Google Docs"},"tenant_id":"7CGZXou05C6LiAy0sKbs0B"},"container":{"id":"Government","image":{"hash":{"all":["government","country"]},"name":"edge_environment_key.xls","tag":["innovations","private"]},"labels":{"key_a":"innovative","key_b":"authority"},"name":"their.gif","runtime":"them"},"destination":{"address":"tools","bytes":3942,"domain":"learn.ca","geo":{"city_name":"marketplace.doc","continent_code":"promote","continent_name":"market_improve.pdf","country_iso_code":"supports","country_name":"centre_our_is.ppt","location":{"lon":390.58,"lat":3968.76},"name":"order.doc","postal_code":"Canada","region_iso_code":"environment","region_name":"order.jpg","timezone":"emerging"},"ip":"5.61.234.175","mac":"b5:06:9b:a3:90:13","nat":{"ip":"250.23.29.71","port":944},"packets":1852,"port":923},"dns":{"answers":[{"class":"innovations","data":"provide","name":"development.pdf","ttl":3341,"type":"levels"},{"class":"vendors","data":"One","name":"is_engaging.gif","ttl":3937,"type":"To"},{"class":"To","data":"provide","name":"are.ppt","ttl":2739,"type":"levels"},{"class":"cyber","data":"supports","name":"determine.pdf","ttl":291,"type":"role"}],"header_flags":["other","promote"],"id":"One","op_code":"edge","question":{"class":"transition","name":"innovation.jpg","registered_domain":"performs.edu","subdomain":"all.edu","top_level_domain":"certain.edu","type":"goods"},"resolved_ip":["113.118.28.67","192.224.34.179","110.23.87.9"],"response_code":"tools","type":"supports"},"ecs":{"version":"7.1.0"},"error":{"code":"sizes","message":"an"},"event":{"action":"about","category":["malware"],"code":"all","created":"2023-03-02T16:13:25.851324Z","dataset":"visit","duration":2718,"end":"2023-03-09T15:52:57.851335Z","hash":"role","id":"42rpn1ZYE5ZcsIakdmOLgG","ingested":"2023-03-06T12:55:01.851344Z","kind":"signal","module":"to","original":"this","outcome":"success","provider":"AssemblyLine","reason":"is","reference":"invite","risk_score":1473.49,"risk_score_norm":801.52,"sequence":1272,"severity":2073,"start":"2023-02-28T22:20:14.851373Z","timezone":"emerging","type":["deletion","allowed","start","indicator"],"url":"testing"},"email":{"attachments":[{"file":{"extension":"One","hash":{"md5":"8a21bc5b0691ab84411e641dad0fc606","sha1":"3c60e081eea39f5e75aac8a0c04a0db3bbbbb738","sha256":"883a6a8e413650870534965442eb06f70fb75b6a63ee4b5c022ca79ec8b41769","sha384":"02b5cc5b2f44149140f96fd72b3f1a8074856684c41f8722775c4569d55c6ac373ba015c5a857435c6d57a5f4a94acd5","sha512":"30081b5aa7e4c48ea77f59ffeaeaa7c97a96397e26da2f9c80c07e94e9c0be4d9cf60b3db290bb2768d448bc06676803e495b3d11488762d97490def4dcb7fd8","ssdeep":"83103:bMPrp2ZrYyrsSGcKUcBqaK6nIFcBlnMwVeLQ1ObPGLw1:mARPGPl2mabDsP77X8zGDTPwceqpQpqehTrbgpqpVBE3fkKS1PT4","tlsh":"companies"},"mime_type":"feedback","name":"them_to.exe","size":798}},{"file":{"extension":"For","hash":{"md5":"ea5f08f43ae80798ee6354ab8c1dd502","sha1":"4c9463445958f083eee286c08d4c76341e637b43","sha256":"e191c9c949bc6ae11113a2ef5385783ac149cf6bdac4d937d987b18a7ac9cc05","sha384":"955f91756c86636542ac1eacbc6d1671687994b3a4bdc897e3e8fac68f8a51511bb53a3224b10cb7986d90aecb313c90","sha512":"6811ea594d164d90a14f5e63a624a8146325fc481ccba975b95310ded12e492ba85bf1989262ea0dfc587085e80c38cb77443d810a8fef41b48ea6141b875515","ssdeep":"10836:FYhiVPnxuifvqX26I8EzwFXmkK1ESLxiY9qKYQDYSgNkBadLV79yRA:1Dd3APxGCawunuScofR1HgJqEEq24680L0vDsHpA","tlsh":"support"},"mime_type":"promote","name":"cyber.xls","size":3936}},{"file":{"extension":"sizes","hash":{"md5":"4d661ef3f897848eba71ff6b5b67c641","sha1":"39da9b48850d420848de1a5d4fed121492e6761e","sha256":"e41be3c66eb4e8c479e9a42202c0d2e6e705081c46651c8fe2a2fb1d053d890a","sha384":"6045e6b7d4d26c1fce70f42e7818b2fd63d7be74686be70c3962810b77106e20d9e2f4ab3bc6b234721511fc271d86d2","sha512":"e65c7a228b7571f7eb8b83f4af72b774b3bb3c689b7cd1bf28c782ddc3e89913e796e83f363e62069868b88a8180d12e9b1a12c6d8ffa72bd6df91b72ca04c34","ssdeep":"76131:KdAHPvt7b3hl7oVjmP7mui70MfihZa8y:V920Urmm3tysYnRb2GCU","tlsh":"this"},"mime_type":"art","name":"also.lnk","size":956}},{"file":{"extension":"goods","hash":{"md5":"46b863e897a111b1989d2b7fe9b494fb","sha1":"973fd00a7d1c6854b6a92f8d34de9f74db93eab8","sha256":"403104a863953afc4f61ff311b5bd53551ce61a66c210e8f1a32f880b858d6f4","sha384":"3ab74d29053dce43e3b09e2eb725da693c88ffa415fb79639b15660593b61992b99a0f664be949af782b903e6e4e134f","sha512":"017ac7499da90797c2b43af43696a2d37ef9f01e76037bef0e5080826c1b700c11d9c6eb9e5f388fcdf23f2e5bb81f24923c7c1beb8f19a0431a0147652e0fb9","ssdeep":"1349:ZcufspDbiQ7HzfeV4BkSy1qMSOkXI8aepakn5a:QZBzj4Tva0ggJ5zoquUTIYy27ic6ydcHpnaY3lfjJOsbeHas7lO1UA","tlsh":"partnerships"},"mime_type":"For","name":"performs_in.gif","size":2327}}],"bcc":{"address":"companies@security.ca"},"cc":{"address":"other@we.edu"},"content_type":"Cyber","delivery_timestamp":"2023-02-21T00:16:51.852107Z","direction":"Innovation","from":{"address":"commercial@provide.edu"},"local_id":"2aAHBgL0FoVGVVhMWbV921","message_id":"2VFz2b9WeDsRpnuC4qYYxQ","origination_timestamp":"2023-02-24T05:27:25.852161Z","reply_to":{"address":"performs@also.edu"},"sender":{"address":"but@development.com"},"subject":"key","to":{"address":"all@canadian.biz"},"x_mailer":"services","parent":{"bcc":{"address":"innovation@commercial.com"},"cc":{"address":"private@innovation.biz"},"from":{"address":"promote@problems.edu"},"message_id":"7KBzZAP5R10PAHfbUWjpez","origination_timestamp":"2023-02-16T05:36:24.852214Z","subject":"examine","to":{"address":"new@one.com"},"source":"217.221.45.223","destination":"14.8.144.39"}},"faas":{"coldstart":false,"execution":"innovations","id":"Innovation","name":"program_visit.exe","trigger":{"request_id":"6HVFXefxcSC3ehqqLDbArb","type":"http"},"version":"5.4.5"},"file":{"accessed":"2023-03-05T09:56:56.852285Z","attributes":["evaluate","to","product"],"created":"2023-02-16T05:30:43.852300Z","ctime":"2023-02-13T01:35:55.852304Z","device":"determine","directory":"this/innovation/cutting","drive_letter":"development","extension":"also","fork_name":"art_cyber.gif","gid":"authority","group":"ANALYSTS","inode":"sizes.com","mime_type":"also","mode":"innovative","mtime":"2023-02-11T22:28:31.852341Z","name":"security_potential.ppt","owner":"helps","path":"partnerships","size":3793,"target_path":"examine","type":"dir","uid":"improve","code_signature":{"digest_algorithm":"md5","exists":false,"signing_id":"3ufo5QqG5Lz6vmgdwZGmrP","status":"supports","subject_name":"also.gif","team_id":"7KCbdMAeBNmIqsZk0fB9lB","timestamp":"2023-03-01T10:52:00.852420Z","trusted":false,"valid":false},"elf":{"architecture":"vendors","byte_order":"bringing","cpu_type":"For","creation_date":"working","exports":["transition","environment"],"header":{"abi_version":"8.0.9","class":"provide","data":"from","entrypoint":3513,"object_version":"4.4.8","os_abi":"security","type":"partners","version":"5.2.3"},"imports":["Program","is","feedback","technical"],"sections":[{"chi2":1469,"entropy":4068,"flags":"website","name":"promote.ppt","physical_offset":"working","physical_size":3874,"type":"art","virtual_address":2924,"virtual_size":2405}],"segments":[{"chi2":2012,"entropy":1463,"flags":"Canada","name":"across_for_emerging.pdf","physical_offset":"marketplace","physical_size":1839,"type":"feedback","virtual_address":1228,"virtual_size":4082}],"shared_libraries":["services"],"telfhash":"laboratory"},"hash":{"md5":"c88efb75b4eb1332fd34e6ed1c0fc176","sha1":"018f6b01772083a664d290a8d837dea148461237","sha256":"a63fd892c3daf6630a46af00251bf3cb2ab0bcb18035bc7713339043f05def9a","sha384":"51f85c251fb4a4da174395eabaee35a031fe99d547336cb874555b61fc248e8ddda6061d509e2d472a151ffcf6d5c59d","sha512":"12d91de43180a6b208f35cc1f6c48ecf8731c1375347fd99930503eb5ba95425536487dee2db2fa31e985c1e90d0a77c18c0d31f4d281c2549f048d703006752","ssdeep":"37957:xQIxORr5I0mfk2CowOfgDybAlZHtHUPHwBrPOd:DI0DNUtjcCP9lg1BApH9CblJ41JH4mkkFwq8KBqvSFJTmbaPhbx9hmR68GGEj3","tlsh":"invite"},"pe":{"architecture":"is","company":"levels","description":"problems","file_version":"partners_laboratory_edge.ppt","imphash":"in","original_file_name":"state.pdf","pehash":"constantly","product":"examine"}},"group":{"domain":"assist.biz","id":"engaging","name":"government_potential_industry.doc"},"host":{"id":"assist","ip":["252.185.6.46","245.239.210.121"],"mac":["63C22031037D","7C997E25F013","052650BA7C91","351727ABD893"],"name":"also_support_role.jpg","domain":"services.ca","type":"our"},"http":{"request":{"body":{"bytes":274,"content":"also"},"bytes":376,"id":"them","method":"invite","mime_type":"website","referrer":"Canadian"},"response":{"body":{"bytes":2630,"content":"partnerships"},"bytes":3470,"mime_type":"To","status_code":2178},"version":"6.3.4"},"organization":{"id":"137","name":"TCC"},"process":{"args":["work","collaborating","product"],"args_count":2590,"command_line":"but","end":"2023-02-23T22:31:51.852856Z","entity_id":"1PMVkcWJwyjua8YsFYBBIS","env_vars":{"key_a":"more","key_b":"selling"},"executable":"defence","exit_code":859,"interactive":true,"name":"certain_the.xls","parent":[{"args":["marketplace"],"args_count":1831,"command_line":"constantly","end":"2023-02-11T13:43:04.852913Z","entity_id":"6nP3HzhLgwk3DjJJmxmS0a","env_vars":{"key_a":"new","key_b":"in","key_c":"product","key_d":"selling","key_e":"The"},"executable":"companies","exit_code":352,"interactive":false,"name":"testing_certain.gif","pid":2973,"same_as_process":false,"start":"2023-02-03T19:56:41.852979Z","user":{"id":"problems","name":"in_work.exe"}}],"pid":2416,"same_as_process":true,"start":"2023-02-16T10:27:28.852997Z","title":"certain","uptime":2530,"user":{"id":"website","name":"environment.gif"},"working_directory":"transition/security/new"},"registry":{"data":{"bytes":"partners","strings":["authority","levels","innovation"],"type":"testing"},"hive":"cutting","key":"One","path":"sizes","value":"invite"},"related":{"hash":["helps","academia"],"hosts":["tools.ca"],"ip":["116.237.28.40","26.60.253.246","9.116.83.58","32.215.199.226"],"user":["user","user","user"],"id":"goods","uri":["ftp://selling.ca/role/feedback/invite/development/bringing/Canada","ftp://to.ca/problems/complex/transition/goods/an/do"],"signature":["innovative"]},"server":{"ip":"175.131.90.106","address":"levels","domain":"country.ca"},"source":{"address":"across","bytes":1041,"domain":"product.edu","geo":{"city_name":"about_but.doc","continent_code":"laboratory","continent_name":"learn_survey.pdf","country_iso_code":"technologies","country_name":"art.xls","location":{"lon":1765.53,"lat":1193.18},"name":"provide_learn.doc","postal_code":"provide","region_iso_code":"Government","region_name":"learn_key_development.pdf","timezone":"Cyber"},"ip":"24.4.201.87","mac":"a1:79:93:0d:45:83","nat":{"ip":"7.162.95.41","port":2190},"packets":3895,"port":3028},"threat":{"feed":{"dashboard_id":"3Elh3lcPzFnqq2sxkPWhqI","description":"companies","name":"but_our_market.ppt","reference":"experts"},"framework":"Custom","group":{"alias":["promote","complex","are"],"id":"supports","name":"enhanced_stays_development.doc","reference":"technologies"},"indicator":{"confidence":"support","description":"Multicultural heritage.","email":{"address":"the"},"provider":"The","reference":"other","scanner_stats":3303,"sightings":3897,"ip":"30.52.218.51","type":"Cyber","first_seen":"2023-03-08T03:18:40.853303Z","last_seen":"2023-02-10T11:59:58.853309Z"},"software":{"alias":["services","Canadian","other"],"id":"website","name":"transition_work.exe","platform":["technologies"],"reference":"To","type":"determine"},"tactic":{"id":"TA0007","name":"Discovery","reference":"Canada"},"technique":{"id":"T1602.001","name":"SNMP (MIB Dump)","reference":"country"}},"tls":{"version":"4.3.0","version_protocol":"4.4.9","client":{"server_name":"cyber_determine.xls","ja3":"to"},"server":{"ja3s":"feedback"}},"url":{"domain":"industry.edu","extension":"testing","fragment":"transition","full":"about","original":"environment","password":"order","path":"complex","port":3122,"query":"authority","registered_domain":"more.ca","scheme":"an","subdomain":"academia.biz","top_level_domain":"the.com","username":"user"},"user":{"domain":"certain.biz","email":"visit@commercial.edu","full_name":"invite_provide_cyber.ppt","group":{"domain":"country.com","id":"experts","name":"testing.xls"},"hash":"government","id":"support","name":"authority","roles":["product","emerging","emerging"]},"user_agent":{"device":{"name":"are_also_potential.xls"},"name":"innovation.exe","original":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_2) AppleWebKit/601.3.9 (KHTML, like Gecko) Version/9.0.2 Safari/601.3.9","os":{"family":"this","full":"services","kernel":"stays","name":"survey_also_supports.jpg","platform":"programs","type":"survey","version":"6.0.3"},"version":"5.2.0"},"vulnerability":{"category":["working"],"classification":"website","description":"certain","enumeration":"do","id":"innovations","reference":"role","report_id":"5hfOjNJ3AvD1Xc95Dw9zVS"}},"3qhToLMjW8MDcJnTOfjZrk":{"timestamp":"2023-02-21T13:03:34.609781Z","labels":{"key_a":"To"},"tags":["development","Cyber","Build","authority"],"howler":{"id":"3qhToLMjW8MDcJnTOfjZrk","analytic":"COLISEUM","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Reconnaissance","hash":"6dcbccd956816dff506707bc85915f8a0ef25d690eba809f1c05058d4f82e8ad","related":["with"],"reliability":2665.01,"severity":3667.41,"volume":2656.72,"confidence":1678.3,"score":1834.88,"status":"open","scrutiny":"scanned","escalation":"alert","assessment":null,"comment":[{"id":"3cELbpGNXrhbZSXgd38KE3","timestamp":"2023-02-10T06:19:03.610083Z","modified":"2023-03-01T14:06:04.610094Z","value":"Application where numbers warrant.","user":"user"},{"id":"rZH7m7UfmrEeoze0z8dng","timestamp":"2023-02-09T19:32:16.610125Z","modified":"2023-02-16T21:14:41.610129Z","value":"Whereas Canada is founded upon principles that recognize the supremacy of God and the rule of law.","user":"shawnh"},{"id":"6asT3q6Dri6vicGK7g6RVg","timestamp":"2023-02-24T14:08:57.610157Z","modified":"2023-03-07T09:49:25.610160Z","value":"Proceedings of Parliament.","user":"user"},{"id":"7NU8zzolZB7O5XjwarSQ0i","timestamp":"2023-02-23T01:33:15.610186Z","modified":"2023-03-09T00:46:11.610189Z","value":"Application where numbers warrant.","user":"admin"},{"modified":"2023-03-10T14:55:06.468396Z","id":"1tqrniUufyZniBlHb3VRyi","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:06.468362Z"},{"modified":"2023-03-10T14:55:45.923241Z","id":"4L6DBMGcw28jqLHM4EH4WZ","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:45.923194Z"},{"modified":"2023-03-10T15:11:51.336682Z","id":"6riybwOz1Vubfp18JnzNdY","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:51.336641Z"},{"modified":"2023-03-10T15:12:37.369263Z","id":"78jMmUxWelcFki58vZj2cw","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:37.369226Z"},{"modified":"2023-03-10T15:13:07.741802Z","id":"P49zQPKdaczXELoRGb2kE","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:07.741755Z"},{"modified":"2023-03-10T15:13:31.487878Z","id":"1YvzI0y1CyrqKcqsoBtYUp","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:31.487845Z"},{"modified":"2023-03-10T15:14:26.683435Z","id":"6XGAqbq3WBsguYXIEIakEx","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:26.683398Z"},{"modified":"2023-03-10T15:14:53.462263Z","id":"3M1dkmLnyNEhpWEzmdzn9M","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:53.462200Z"},{"modified":"2023-03-10T15:19:14.722553Z","id":"5Y4yqKqpuD9cokc4DHcDSV","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:14.722503Z"},{"modified":"2023-03-10T15:20:07.536624Z","id":"4VuMO1BXiZSP5qkxPQIrr","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:07.536525Z"},{"modified":"2023-03-10T15:21:45.557983Z","id":"335ml32ZNXjMAeBwgOYbvU","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:45.557942Z"},{"modified":"2023-03-10T15:26:34.223790Z","id":"2ioxCdnYF97UIPNzqG2Ptv","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:34.223739Z"},{"modified":"2023-03-10T15:31:05.883233Z","id":"4yU3So7T4MkdH7XWW6HGli","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:05.883195Z"},{"modified":"2023-03-10T15:34:20.435050Z","id":"6MnqlyKiZQzzm6t6cwuo4Q","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:20.435003Z"},{"modified":"2023-03-10T15:40:31.164699Z","id":"3YMwGihM4AECSIjroHPrzm","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:31.164664Z"}],"log":[{"timestamp":"2023-02-22T07:35:20.610200Z","key":"enhanced","explanation":"Whereas Canada is founded upon principles that recognize the supremacy of God and the rule of law.","new_value":"private","type":"removed","previous_value":"learn","user":"admin"},{"timestamp":"2023-02-24T19:18:44.610223Z","key":"feedback","explanation":"Canadian Charter of Rights and Freedoms.","new_value":"are","type":"set","previous_value":"more","user":"user"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1tqrniUufyZniBlHb3VRyi\\", \\"timestamp\\": \\"2023-03-10T14:55:06.468362Z\\", \\"modified\\": \\"2023-03-10T14:55:06.468396Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:06.538632Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4L6DBMGcw28jqLHM4EH4WZ\\", \\"timestamp\\": \\"2023-03-10T14:55:45.923194Z\\", \\"modified\\": \\"2023-03-10T14:55:45.923241Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:46.006181Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6riybwOz1Vubfp18JnzNdY\\", \\"timestamp\\": \\"2023-03-10T15:11:51.336641Z\\", \\"modified\\": \\"2023-03-10T15:11:51.336682Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:51.409208Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"78jMmUxWelcFki58vZj2cw\\", \\"timestamp\\": \\"2023-03-10T15:12:37.369226Z\\", \\"modified\\": \\"2023-03-10T15:12:37.369263Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:37.461517Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"P49zQPKdaczXELoRGb2kE\\", \\"timestamp\\": \\"2023-03-10T15:13:07.741755Z\\", \\"modified\\": \\"2023-03-10T15:13:07.741802Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:07.815940Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1YvzI0y1CyrqKcqsoBtYUp\\", \\"timestamp\\": \\"2023-03-10T15:13:31.487845Z\\", \\"modified\\": \\"2023-03-10T15:13:31.487878Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:31.561019Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6XGAqbq3WBsguYXIEIakEx\\", \\"timestamp\\": \\"2023-03-10T15:14:26.683398Z\\", \\"modified\\": \\"2023-03-10T15:14:26.683435Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:26.771254Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3M1dkmLnyNEhpWEzmdzn9M\\", \\"timestamp\\": \\"2023-03-10T15:14:53.462200Z\\", \\"modified\\": \\"2023-03-10T15:14:53.462263Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:53.576196Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5Y4yqKqpuD9cokc4DHcDSV\\", \\"timestamp\\": \\"2023-03-10T15:19:14.722503Z\\", \\"modified\\": \\"2023-03-10T15:19:14.722553Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:14.811504Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4VuMO1BXiZSP5qkxPQIrr\\", \\"timestamp\\": \\"2023-03-10T15:20:07.536525Z\\", \\"modified\\": \\"2023-03-10T15:20:07.536624Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:07.652360Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"335ml32ZNXjMAeBwgOYbvU\\", \\"timestamp\\": \\"2023-03-10T15:21:45.557942Z\\", \\"modified\\": \\"2023-03-10T15:21:45.557983Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:45.643064Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2ioxCdnYF97UIPNzqG2Ptv\\", \\"timestamp\\": \\"2023-03-10T15:26:34.223739Z\\", \\"modified\\": \\"2023-03-10T15:26:34.223790Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:34.312640Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4yU3So7T4MkdH7XWW6HGli\\", \\"timestamp\\": \\"2023-03-10T15:31:05.883195Z\\", \\"modified\\": \\"2023-03-10T15:31:05.883233Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:05.959173Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6MnqlyKiZQzzm6t6cwuo4Q\\", \\"timestamp\\": \\"2023-03-10T15:34:20.435003Z\\", \\"modified\\": \\"2023-03-10T15:34:20.435050Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:20.510528Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3YMwGihM4AECSIjroHPrzm\\", \\"timestamp\\": \\"2023-03-10T15:40:31.164664Z\\", \\"modified\\": \\"2023-03-10T15:40:31.164699Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:31.237163Z"}],"retained":"certain","monitored":"edge","reported":"stays","mitigated":"new","outline":{"threat":"80.105.64.111","target":"d7b05b0a1fd2fdf0ade6971ec9d678bd.gc.ca","indicators":["emerging_programs.xls","collaborating_engaging.doc","centre_country.gif","work_cyber.pdf","them_collaborating_working.lnk","centre_academia.gif","cyber_feedback_innovation.gif","innovations_by_technologies.jpg","learn_also_country.ppt","companies_by_engaging.xls","emerging_role.lnk","in.gif","bcip.xls","sizes_invite.lnk","private.lnk","visit_market_provide.pdf","on_determine_learn.pdf"],"summary":"Detention or imprisonment."},"labels":{"assignments":["ACE1C","ADS4B","CCID1A","APA1B"],"generic":["Super Teams"]},"votes":{"benign":["key"],"obscure":["collaborating","sizes"],"malicious":["visit"]},"dossier":{"key_a":"The","key_b":"[\\"engaging\\", \\"goods\\", \\"product\\"]","key_c":"of"}},"assemblyline":{"antivirus":[{"type":"innovative","subtype":"our","value":"support","verdict":"malicious"},{"type":"an","subtype":"helps","value":"Canadian","verdict":"info"},{"type":"working","subtype":"with","value":"academia","verdict":"malicious"}],"attribution":[{"type":"new","subtype":"by","value":"engaging","verdict":"suspicious"},{"type":"To","subtype":"role","value":"innovation","verdict":"safe"},{"type":"to","subtype":"partners","value":"marketplace","verdict":"safe"},{"type":"improve","subtype":"with","value":"website","verdict":"info"}],"behaviour":[{"type":"levels","subtype":"website","value":"examine","verdict":"info"},{"type":"goods","subtype":"cutting","value":"are","verdict":"info"},{"type":"are","subtype":"learn","value":"For","verdict":"malicious"},{"type":"To","subtype":"provide","value":"potential","verdict":"info"}],"domain":[{"type":"key","subtype":"but","value":"invite","verdict":"stays"},{"type":"Centre","subtype":"the","value":"provide","verdict":"innovations"}],"heuristic":[{"type":"evaluate","subtype":"feedback","value":"selling","verdict":"suspicious"},{"type":"innovative","subtype":"commercial","value":"constantly","verdict":"suspicious"},{"type":"this","subtype":"bringing","value":"performs","verdict":"info"}],"mitre":{"tactic":[{"type":"key","subtype":"in","value":"key","verdict":"malicious"},{"type":"innovation","subtype":"invite","value":"participating","verdict":"suspicious"}],"technique":[{"type":"private","subtype":"other","value":"learn","verdict":"info"}]},"uri":[{"type":"Canadian","subtype":"innovative","value":"but","verdict":"performs"},{"type":"work","subtype":"of","value":"emerging","verdict":"survey"}],"yara":[{"type":"Canadian","subtype":"stays","value":"The","verdict":"info"}]},"agent":{"id":"participating","name":"an.jpg","type":"but","version":"7.0.5"},"cbs":{"sharepoint":{"created":{"application":"cyber","user":"admin"},"modified":{"application":"testing","user":"user"}}},"cloud":{"account":{"id":"1M8X1MeBkUXImRaYkYHkPt","name":"potential_academia_with.exe"},"availability_zone":"about","instance":{"id":"provide","name":"development_assist.doc"},"machine":{"type":"across"},"project":{"id":"visit","name":"invite_provide.pdf"},"provider":"also","region":"tools","service":{"name":"Microsoft Teams"},"tenant_id":"7SBQKRfGC6vKnAac1FU99b"},"container":{"id":"private","image":{"hash":{"all":["programs"]},"name":"innovative_them_all.ppt","tag":["technology","innovation","enhanced","examine"]},"labels":{"key_a":"survey"},"name":"other_testing_innovation.doc","runtime":"The"},"destination":{"address":"technologies","bytes":1383,"domain":"innovation.com","geo":{"city_name":"industry_survey_to.exe","continent_code":"The","continent_name":"key_companies.xls","country_iso_code":"of","country_name":"technology_one_new.ppt","location":{"lon":1092.41,"lat":3396.83},"name":"on_government.gif","postal_code":"enhanced","region_iso_code":"more","region_name":"transition_for.ppt","timezone":"other"},"ip":"93.136.79.5","mac":"d2:75:d7:65:99:39","nat":{"ip":"21.135.104.187","port":1331},"packets":2081,"port":3935},"dns":{"answers":[{"class":"Innovation","data":"technologies","name":"industry_new_security.pdf","ttl":2074,"type":"testing"},{"class":"marketplace","data":"authority","name":"participating_country_provide.exe","ttl":2911,"type":"experts"}],"header_flags":["an"],"id":"innovations","op_code":"innovative","question":{"class":"open","name":"tools.gif","registered_domain":"supports.edu","subdomain":"potential.biz","top_level_domain":"market.ca","type":"assist"},"resolved_ip":["251.40.18.230","254.2.197.31","127.208.55.112","119.76.66.80"],"response_code":"do","type":"helps"},"ecs":{"version":"7.1.9"},"error":{"code":"helps","message":"For"},"event":{"action":"from","category":["session","registry"],"code":"open","created":"2023-03-02T13:01:31.610964Z","dataset":"To","duration":1620,"end":"2023-02-05T05:49:36.610975Z","hash":"industry","id":"3qhToLMjW8MDcJnTOfjZrk","ingested":"2023-02-18T05:17:26.610983Z","kind":"enrichment","module":"product","original":"do","outcome":"failure","provider":"NBS","reason":"in","reference":"sizes","risk_score":1703.72,"risk_score_norm":3166.85,"sequence":1387,"severity":2327,"start":"2023-02-20T22:37:57.611015Z","timezone":"programs","type":["denied","allowed","group","access"],"url":"For"},"email":{"attachments":[{"file":{"extension":"selling","hash":{"md5":"062def299fd59d23dc082dbd60b6ea3a","sha1":"eb39c350e0579f8343d0a5b2471927ca8268fd99","sha256":"a029ad3b82be900da7505ad4cac04f64f2da7ebb28e6a457dbc934b6ffcf5c9a","sha384":"ae2a2fa041ccb576e6a458cde1c54e86b32a579f519375b63f0dde55b3fad4deaf03a35e05957b03175a983b877befe9","sha512":"10bd59f5296c041f9ca27c7f3133ef3dffdde70923c1071eccd199d9b72d170c867c6976e356ed882306f763198116caf1113983f1a72d569560d9dbca2de9f8","ssdeep":"85127:kNLUyDpdbsGJuRq7PzPLf5w2eZ3EPmBqyG72E5Gs19rGou7c:M0dECJnKQH5I8eZfYQHRlu9JS","tlsh":"potential"},"mime_type":"visit","name":"certain.doc","size":3210}},{"file":{"extension":"support","hash":{"md5":"3c30e8b7c40395be8853b348339e9936","sha1":"e5057c1702a08a2a65c6054c52cad09c2fad693b","sha256":"cd2ee87dc8a02d40d43f218bf52006d90220694fcaff629af77682e5d3769ce6","sha384":"0e1eaa8035caaafe477d84cf88edc25601e2e31efcfc30ef7508d4942ffbfbe7c89d377be8a1bbbc4bee3b3234098f2a","sha512":"2edeeffae3823096538f9f79a11500fe8d11418001b87d3787e03ec3312af878c28f3aa58de8cf133685f9782169dac8786e97c8d69df44ecdbf4cdf814f4d0c","ssdeep":"64719:wKvhCpdq2lz8r4ZCgRZJuOMwv4u8NEfR1yh7s8hGdB1a2arTAbMVxuv:EIfXXXxPQ9m6ByPCJeAIghNBXOZXiJP8","tlsh":"transition"},"mime_type":"BCIP","name":"also_industry_website.xls","size":2845}},{"file":{"extension":"problems","hash":{"md5":"40a201eb24174498cf1f87331504fbe2","sha1":"55bb735c83f82361b174abcec3454ad1103cce5c","sha256":"3b2d7012ad1c37440da61c9709f06caf1d24a1f4209d15b12e9db92a01384333","sha384":"93abecb5a7e06622a6c106a6e6115bb5230be6a6bacd5905657e5c5dda580ddf9a614074e527a31ee74d39b8056415c2","sha512":"92807d2418e2a471899c2451a8ca80bc9b9c31f6ab135fae00eac4de8f72dddfff83d373cdeb683440b05a0a625234d4a0cbe00471c0eeb5b3a7c41527daf967","ssdeep":"72957:rpbpPk5DPKRB4ejDzike:OUmPzAim9CX9DMYENPgP9EL0F8Ca4gL6DdNoNROYFEVufVNmc5","tlsh":"BCIP"},"mime_type":"environment","name":"transition_testing_cutting.pdf","size":1112}}],"bcc":{"address":"laboratory@order.com"},"cc":{"address":"collaborating@the.biz"},"content_type":"our","delivery_timestamp":"2023-02-23T05:31:49.611597Z","direction":"potential","from":{"address":"other@sizes.edu"},"local_id":"3Vkp1V9Frw2EFTaWJQZvs0","message_id":"EIZS4M6eTXTD2xnRZ82LI","origination_timestamp":"2023-02-20T06:34:25.611653Z","reply_to":{"address":"an@all.edu"},"sender":{"address":"performs@open.ca"},"subject":"innovative","to":{"address":"evaluate@invite.ca"},"x_mailer":"assist","parent":{"bcc":{"address":"them@for.ca"},"cc":{"address":"levels@on.biz"},"from":{"address":"vendors@marketplace.ca"},"message_id":"hJzqqRudEBC4eTFIr6d1l","origination_timestamp":"2023-02-09T11:39:51.611709Z","subject":"defence","to":{"address":"by@we.com"},"source":"57.57.100.35","destination":"199.179.128.83"}},"faas":{"coldstart":false,"execution":"innovations","id":"all","name":"certain_environment.jpg","trigger":{"request_id":"2mlJwLJq7Itr8FXP8fQmeJ","type":"timer"},"version":"5.5.0"},"file":{"accessed":"2023-02-18T00:28:38.611784Z","attributes":["marketplace","is","edge","visit"],"created":"2023-02-04T11:46:08.611802Z","ctime":"2023-02-22T08:35:58.611806Z","device":"potential","directory":"key/by/supports/performs","drive_letter":"state","extension":"development","fork_name":"of_security.xls","gid":"across","group":"ADMINS","inode":"learn.edu","mime_type":"supports","mode":"invite","mtime":"2023-03-02T22:43:03.611865Z","name":"art_country.xls","owner":"country","path":"open","size":3078,"target_path":"potential","type":"dir","uid":"helps","code_signature":{"digest_algorithm":"sha384","exists":false,"signing_id":"5UmXWfGB35u5chOzTgnCEz","status":"us","subject_name":"working_by.exe","team_id":"5ia5xGpzGBw6Vd1qjtvV1t","timestamp":"2023-03-08T13:50:12.611953Z","trusted":false,"valid":false},"elf":{"architecture":"Canadian","byte_order":"other","cpu_type":"do","creation_date":"transition","exports":["defence","For","laboratory"],"header":{"abi_version":"8.2.9","class":"other","data":"order","entrypoint":530,"object_version":"8.3.4","os_abi":"technologies","type":"industry","version":"7.3.7"},"imports":["working","supports","survey"],"sections":[{"chi2":2416,"entropy":2994,"flags":"also","name":"working_state_services.lnk","physical_offset":"invite","physical_size":2116,"type":"technology","virtual_address":1040,"virtual_size":1482}],"segments":[{"chi2":2112,"entropy":4002,"flags":"improve","name":"is.doc","physical_offset":"website","physical_size":2581,"type":"market","virtual_address":3107,"virtual_size":2498},{"chi2":278,"entropy":3405,"flags":"Centre","name":"helps.lnk","physical_offset":"provide","physical_size":2608,"type":"market","virtual_address":2824,"virtual_size":2306},{"chi2":2827,"entropy":2057,"flags":"role","name":"transition_across_goods.exe","physical_offset":"programs","physical_size":1637,"type":"defence","virtual_address":364,"virtual_size":1672},{"chi2":2495,"entropy":3904,"flags":"companies","name":"our_sizes.pdf","physical_offset":"One","physical_size":3515,"type":"bringing","virtual_address":624,"virtual_size":2465}],"shared_libraries":["programs"],"telfhash":"state"},"hash":{"md5":"981da59dabedeb1d36e25a417f0c0471","sha1":"ec3af44d6dcb84af9833f566082f22b10dc43499","sha256":"bd0437d0ae6f0605c236b89310894d3cd04b3e7be27816acbe107c7200c09b84","sha384":"7c14eb0adc24d599379f7fbfd201f92764756a4f3657d8919914e2fae5cc0d7da6c743662af39c901a0f7a626d8530b2","sha512":"10771822d9f6fb611a43011bebc4e17e957ac42f922ee4ae59e9b432b791ee3a0b49e72188acb535589b821ce64a35eb2ca06882525d7ae741080eedbb8410b7","ssdeep":"7801:aTdOPxUBxEOpMcN98oXr5:GKbgJrgSpDsUC3he9V0vl4f","tlsh":"companies"},"pe":{"architecture":"order","company":"Government","description":"laboratory","file_version":"visit.xls","imphash":"performs","original_file_name":"in_supports_assist.ppt","pehash":"programs","product":"industry"}},"group":{"domain":"we.ca","id":"vendors","name":"partnerships_in_stays.ppt"},"host":{"id":"partners","ip":["224.35.5.124","73.89.23.167"],"mac":["D6C644533632"],"name":"visit_one_testing.xls","domain":"open.ca","type":"feedback"},"http":{"request":{"body":{"bytes":3192,"content":"sizes"},"bytes":3637,"id":"partners","method":"survey","mime_type":"performs","referrer":"Centre"},"response":{"body":{"bytes":1641,"content":"tools"},"bytes":3749,"mime_type":"product","status_code":1165},"version":"5.5.0"},"organization":{"id":"43","name":"TATC"},"process":{"args":["environment","new"],"args_count":322,"command_line":"government","end":"2023-02-06T09:07:14.612476Z","entity_id":"1EKJYU7xvKDQeAga5ln3Bj","env_vars":{"key_a":"supports","key_b":"innovative"},"executable":"also","exit_code":2225,"interactive":true,"name":"build_market_visit.ppt","parent":[{"args":["website","feedback","laboratory","government"],"args_count":3881,"command_line":"state","end":"2023-02-19T08:33:53.612585Z","entity_id":"5rQIelLG4hSrHZDQwlfTMP","env_vars":{"key_a":"For","key_b":"other"},"executable":"We","exit_code":425,"interactive":true,"name":"partnerships.ppt","pid":1115,"same_as_process":false,"start":"2023-02-19T08:55:08.612644Z","user":{"id":"us","name":"key.lnk"}},{"args":["enhanced"],"args_count":614,"command_line":"state","end":"2023-03-07T23:05:17.612670Z","entity_id":"fzgsR9qwrHTIDT23aZFE7","env_vars":{"key_a":"bringing","key_b":"BCIP","key_c":"Program","key_d":"authority","key_e":"Build"},"executable":"engaging","exit_code":2775,"interactive":false,"name":"program_sizes_innovative.gif","pid":2450,"same_as_process":false,"start":"2023-02-27T18:33:53.612726Z","user":{"id":"authority","name":"also.lnk"}},{"args":["engaging","commercial","potential","Build"],"args_count":2487,"command_line":"BCIP","end":"2023-03-06T15:08:05.612758Z","entity_id":"43UeTGJz0iYL7dLa4a3Udw","env_vars":{"key_a":"other","key_b":"One","key_c":"also","key_d":"improve","key_e":"technical"},"executable":"Canadian","exit_code":3971,"interactive":true,"name":"this.doc","pid":1464,"same_as_process":false,"start":"2023-02-18T21:41:16.612813Z","user":{"id":"Canada","name":"build.exe"}},{"args":["support","visit","learn","levels"],"args_count":139,"command_line":"about","end":"2023-02-13T22:14:44.612845Z","entity_id":"40pRbTHNqfMSurAuAgJaJZ","env_vars":{"key_a":"Build"},"executable":"laboratory","exit_code":1841,"interactive":false,"name":"we_market.doc","pid":130,"same_as_process":false,"start":"2023-02-05T05:45:35.612892Z","user":{"id":"Build","name":"industry_development.ppt"}}],"pid":1435,"same_as_process":false,"start":"2023-02-17T18:07:49.612911Z","title":"programs","uptime":3040,"user":{"id":"feedback","name":"complex_cyber_on.lnk"},"working_directory":"this/working/cyber/levels/potential"},"registry":{"data":{"bytes":"To","strings":["by","in"],"type":"innovations"},"hive":"One","key":"in","path":"laboratory","value":"Canada"},"related":{"hash":["Government"],"hosts":["feedback.edu","is.ca","of.com"],"ip":["87.150.110.178","18.183.94.97"],"user":["user","user","admin"],"id":"selling","uri":["https://supports.com/programs/For/cutting/constantly/determine/us","http://build.biz/Build/them","https://innovation.com/bringing/One/development/this/levels","https://of.biz/assist/stays/an"],"signature":["security","Program"]},"server":{"ip":"19.26.119.165","address":"open","domain":"do.edu"},"source":{"address":"vendors","bytes":2786,"domain":"the.biz","geo":{"city_name":"development_transition_this.gif","continent_code":"country","continent_name":"bringing.lnk","country_iso_code":"state","country_name":"key.lnk","location":{"lon":346.07,"lat":2591.8},"name":"edge_performs_build.jpg","postal_code":"from","region_iso_code":"open","region_name":"key_defence.xls","timezone":"across"},"ip":"202.94.44.234","mac":"ef:12:90:3e:19:de","nat":{"ip":"136.10.152.164","port":3467},"packets":2711,"port":532},"threat":{"feed":{"dashboard_id":"16T3CJtI05wfF778T9TK4U","description":"across","name":"sizes.lnk","reference":"do"},"framework":"Custom","group":{"alias":["programs","environment","Government","invite"],"id":"For","name":"environment_visit.xls","reference":"BCIP"},"indicator":{"confidence":"goods","description":"Five year limitation.","email":{"address":"Government"},"provider":"role","reference":"Cyber","scanner_stats":288,"sightings":247,"ip":"80.78.24.92","type":"order","first_seen":"2023-03-07T12:01:15.613281Z","last_seen":"2023-02-27T01:20:15.613288Z"},"software":{"alias":["performs","To","defence","academia"],"id":"invite","name":"transition_collaborating_levels.jpg","platform":["cutting","constantly"],"reference":"The","type":"industry"},"tactic":{"id":"TA0043","name":"Reconnaissance","reference":"marketplace"},"technique":{"id":"T1110","name":"Brute Force","reference":"Build"}},"tls":{"version":"5.4.7","version_protocol":"6.5.6","client":{"server_name":"the.doc","ja3":"work"},"server":{"ja3s":"performs"}},"url":{"domain":"innovations.ca","extension":"by","fragment":"are","full":"bringing","original":"partnerships","password":"authority","path":"government","port":877,"query":"marketplace","registered_domain":"support.edu","scheme":"supports","subdomain":"canadian.com","top_level_domain":"potential.biz","username":"user"},"user":{"domain":"are.edu","email":"their@evaluate.edu","full_name":"programs_cutting.exe","group":{"domain":"academia.com","id":"invite","name":"companies_in.ppt"},"hash":"government","id":"laboratory","name":"technologies","roles":["government"]},"user_agent":{"device":{"name":"technical_one.exe"},"name":"problems_sizes_an.exe","original":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36","os":{"family":"selling","full":"vendors","kernel":"evaluate","name":"industry_all_state.jpg","platform":"all","type":"technical","version":"4.3.5"},"version":"4.4.2"},"vulnerability":{"category":["supports","To"],"classification":"academia","description":"For","enumeration":"commercial","id":"stays","reference":"constantly","report_id":"2R0UNihbSMMvnsYMLNSFBh"}},"5IRwnnAHFvJFCCQE5PwEDV":{"timestamp":"2023-02-05T18:11:40.500654Z","labels":{"key_a":"participating","key_b":"helps","key_c":"Canadian","key_d":"order"},"tags":["partners","complex"],"howler":{"id":"5IRwnnAHFvJFCCQE5PwEDV","analytic":"COLISEUM","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Command and Control","hash":"1a0d124a2edc1308ec8feae4abc71beafd4a42e26ed6be3983259035c1fac300","related":["Cyber","vendors"],"reliability":3950.84,"severity":1305.06,"volume":3277.54,"confidence":3574.46,"score":3492.99,"status":"open","scrutiny":"inspected","escalation":"hit","assessment":null,"comment":[{"id":"aTWkFXzQOpSVykQJaGDl3","timestamp":"2023-02-19T22:59:55.500831Z","modified":"2023-03-03T19:33:06.500837Z","value":"Everyone has the right on arrest or detention.","user":"admin"},{"id":"7kHJPpQOXCZam0UDCOcq6U","timestamp":"2023-02-11T12:58:12.500865Z","modified":"2023-02-26T07:20:32.500868Z","value":"Rights and privileges preserved.","user":"user"},{"id":"1VCvUcSczIgS4STLgCGwam","timestamp":"2023-03-05T18:55:02.500912Z","modified":"2023-02-18T07:49:20.500915Z","value":"Not to be found guilty on account of any act or omission unless, at the time of the act or omission, it constituted an offence under Canadian or international law or was criminal according to the general principles of law recognized by the community of nations.","user":"admin"},{"id":"7ga2rXeLFirGXJxR0sCSV8","timestamp":"2023-02-08T02:49:35.500940Z","modified":"2023-03-06T21:00:10.500943Z","value":"The right of citizens of Canada under subsections and to have their children receive primary and secondary school instruction in the language of the English or French linguistic minority population of a province.","user":"user"},{"modified":"2023-03-10T14:55:06.775926Z","id":"3jBZRCoFEZJ6gsaNxctWNj","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:06.775888Z"},{"modified":"2023-03-10T14:55:46.267583Z","id":"46B5Bd4ZdB7y49HjVIsI1l","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:46.267539Z"},{"modified":"2023-03-10T15:11:51.625028Z","id":"3YY0R8oWUggB1RRzDHxYgU","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:51.624994Z"},{"modified":"2023-03-10T15:12:37.701965Z","id":"6DeQ0J8cKngljNjPB3YM8R","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:37.701927Z"},{"modified":"2023-03-10T15:13:08.041457Z","id":"y3doXi1zsE0mq0B6d5uor","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:08.041420Z"},{"modified":"2023-03-10T15:13:31.801947Z","id":"71AyxAuWZPy7UZ1j3zfbHv","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:31.801905Z"},{"modified":"2023-03-10T15:14:27.023346Z","id":"2o2IevM4xdDbcLJxA9Wi2i","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:27.023240Z"},{"modified":"2023-03-10T15:14:53.804380Z","id":"6mxdLtbP9t9ViiA6BPweaH","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:53.804324Z"},{"modified":"2023-03-10T15:19:15.063230Z","id":"19d0v3VoThIRzuFEsHbv5S","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:15.063180Z"},{"modified":"2023-03-10T15:20:07.911587Z","id":"29Wn5omXSab6DcXQFxOJvQ","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:07.911540Z"},{"modified":"2023-03-10T15:21:45.924055Z","id":"Fd3mwcI3c1GUxF7KlT7sa","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:45.923914Z"},{"modified":"2023-03-10T15:26:34.538434Z","id":"3hEvocOnBMRKXAiQ3wQSD5","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:34.538398Z"},{"modified":"2023-03-10T15:31:06.193130Z","id":"rzaIjJHX9PHDRD1lWqwHZ","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:06.193084Z"},{"modified":"2023-03-10T15:34:20.741372Z","id":"3GY1Xy4qolfgKFodthDLiz","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:20.741328Z"},{"modified":"2023-03-10T15:40:31.472630Z","id":"1y1C4KzYAeXFni6KcCsJve","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:31.472579Z"}],"log":[{"timestamp":"2023-02-13T05:32:38.500954Z","key":"from","explanation":"Whose first language learned and still understood is that of the English or French linguistic minority population of the province in which they reside, or.","new_value":"in","type":"removed","previous_value":"with","user":"user"},{"timestamp":"2023-02-09T05:49:26.500974Z","key":"do","explanation":"Either English or French may be used by any person in, or in any pleading in or process issuing from, any court established by Parliament.","new_value":"them","type":"set","previous_value":"development","user":"admin"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3jBZRCoFEZJ6gsaNxctWNj\\", \\"timestamp\\": \\"2023-03-10T14:55:06.775888Z\\", \\"modified\\": \\"2023-03-10T14:55:06.775926Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:06.849341Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"46B5Bd4ZdB7y49HjVIsI1l\\", \\"timestamp\\": \\"2023-03-10T14:55:46.267539Z\\", \\"modified\\": \\"2023-03-10T14:55:46.267583Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:46.371602Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3YY0R8oWUggB1RRzDHxYgU\\", \\"timestamp\\": \\"2023-03-10T15:11:51.624994Z\\", \\"modified\\": \\"2023-03-10T15:11:51.625028Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:51.697538Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6DeQ0J8cKngljNjPB3YM8R\\", \\"timestamp\\": \\"2023-03-10T15:12:37.701927Z\\", \\"modified\\": \\"2023-03-10T15:12:37.701965Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:37.773590Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"y3doXi1zsE0mq0B6d5uor\\", \\"timestamp\\": \\"2023-03-10T15:13:08.041420Z\\", \\"modified\\": \\"2023-03-10T15:13:08.041457Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:08.114178Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"71AyxAuWZPy7UZ1j3zfbHv\\", \\"timestamp\\": \\"2023-03-10T15:13:31.801905Z\\", \\"modified\\": \\"2023-03-10T15:13:31.801947Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:31.882685Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2o2IevM4xdDbcLJxA9Wi2i\\", \\"timestamp\\": \\"2023-03-10T15:14:27.023240Z\\", \\"modified\\": \\"2023-03-10T15:14:27.023346Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:27.110864Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6mxdLtbP9t9ViiA6BPweaH\\", \\"timestamp\\": \\"2023-03-10T15:14:53.804324Z\\", \\"modified\\": \\"2023-03-10T15:14:53.804380Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:53.882009Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"19d0v3VoThIRzuFEsHbv5S\\", \\"timestamp\\": \\"2023-03-10T15:19:15.063180Z\\", \\"modified\\": \\"2023-03-10T15:19:15.063230Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:15.150897Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"29Wn5omXSab6DcXQFxOJvQ\\", \\"timestamp\\": \\"2023-03-10T15:20:07.911540Z\\", \\"modified\\": \\"2023-03-10T15:20:07.911587Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:07.992702Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"Fd3mwcI3c1GUxF7KlT7sa\\", \\"timestamp\\": \\"2023-03-10T15:21:45.923914Z\\", \\"modified\\": \\"2023-03-10T15:21:45.924055Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:46.023137Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3hEvocOnBMRKXAiQ3wQSD5\\", \\"timestamp\\": \\"2023-03-10T15:26:34.538398Z\\", \\"modified\\": \\"2023-03-10T15:26:34.538434Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:34.613035Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"rzaIjJHX9PHDRD1lWqwHZ\\", \\"timestamp\\": \\"2023-03-10T15:31:06.193084Z\\", \\"modified\\": \\"2023-03-10T15:31:06.193130Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:06.270839Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"3GY1Xy4qolfgKFodthDLiz\\", \\"timestamp\\": \\"2023-03-10T15:34:20.741328Z\\", \\"modified\\": \\"2023-03-10T15:34:20.741372Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:20.816858Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1y1C4KzYAeXFni6KcCsJve\\", \\"timestamp\\": \\"2023-03-10T15:40:31.472579Z\\", \\"modified\\": \\"2023-03-10T15:40:31.472630Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:31.554160Z"}],"retained":"Innovation","monitored":"Centre","reported":"complex","mitigated":"across","outline":{"threat":"efcf11b40ecbd879d244a58b717ff135-thing.baduser.org","target":"collaborating.com","indicators":["is_experts.exe","more.pdf","them_more_authority.ppt","role.doc","are_private_canada.ppt","technology_security.jpg","problems_role_academia.xls","levels.exe","stays_private_partners.doc","stays_innovation_enhanced.xls","government_environment.ppt","country.ppt","canadian_we.gif","selling.jpg","but_potential_partners.jpg","invite_learn_evaluate.xls","order_support.gif"],"summary":"Not to be compelled to be a witness in proceedings against that person in respect of the offence."},"labels":{"assignments":["APA2B","ADS2A"],"generic":["Outlook","Documentation","Super Teams"]},"votes":{"benign":["do"],"obscure":["Build","complex","determine","on"],"malicious":["evaluate","performs","product","in"]},"dossier":{"key_a":"The","key_b":"true","key_c":"[\\"of\\", \\"from\\", \\"country\\", \\"working\\"]","key_d":"false","key_e":"false"}},"assemblyline":{"antivirus":[{"type":"invite","subtype":"development","value":"also","verdict":"safe"},{"type":"learn","subtype":"programs","value":"experts","verdict":"safe"},{"type":"companies","subtype":"experts","value":"about","verdict":"safe"},{"type":"companies","subtype":"the","value":"assist","verdict":"safe"}],"attribution":[{"type":"Canada","subtype":"open","value":"partnerships","verdict":"malicious"},{"type":"transition","subtype":"potential","value":"with","verdict":"suspicious"},{"type":"other","subtype":"invite","value":"the","verdict":"malicious"}],"behaviour":[{"type":"participating","subtype":"promote","value":"testing","verdict":"suspicious"},{"type":"Program","subtype":"experts","value":"Innovation","verdict":"suspicious"},{"type":"market","subtype":"on","value":"Canada","verdict":"safe"},{"type":"market","subtype":"Program","value":"are","verdict":"info"}],"domain":[{"type":"technologies","subtype":"government","value":"supports","verdict":"Cyber"},{"type":"website","subtype":"feedback","value":"state","verdict":"tools"},{"type":"cyber","subtype":"across","value":"innovations","verdict":"support"},{"type":"across","subtype":"working","value":"evaluate","verdict":"Government"}],"heuristic":[{"type":"For","subtype":"other","value":"from","verdict":"malicious"},{"type":"cutting","subtype":"Program","value":"them","verdict":"malicious"}],"mitre":{"tactic":[{"type":"on","subtype":"to","value":"more","verdict":"info"},{"type":"state","subtype":"supports","value":"of","verdict":"info"}],"technique":[{"type":"stays","subtype":"engaging","value":"tools","verdict":"malicious"},{"type":"assist","subtype":"potential","value":"are","verdict":"malicious"},{"type":"security","subtype":"tools","value":"to","verdict":"malicious"},{"type":"our","subtype":"Innovation","value":"more","verdict":"suspicious"}]},"uri":[{"type":"testing","subtype":"environment","value":"of","verdict":"improve"},{"type":"the","subtype":"promote","value":"Build","verdict":"helps"},{"type":"One","subtype":"are","value":"in","verdict":"certain"},{"type":"levels","subtype":"us","value":"commercial","verdict":"Build"}],"yara":[{"type":"across","subtype":"improve","value":"key","verdict":"safe"},{"type":"emerging","subtype":"Canadian","value":"supports","verdict":"suspicious"}]},"agent":{"id":"support","name":"goods.lnk","type":"assist","version":"6.5.1"},"cbs":{"sharepoint":{"created":{"application":"development","user":"admin"},"modified":{"application":"performs","user":"user"}}},"cloud":{"account":{"id":"3fKOZWxkVGG5ah6kfnV0qG","name":"across.pdf"},"availability_zone":"Innovation","instance":{"id":"state","name":"services.lnk"},"machine":{"type":"development"},"project":{"id":"working","name":"to_we.gif"},"provider":"engaging","region":"of","service":{"name":"Azure"},"tenant_id":"1LHAKYICGKFtXWY06eOkRL"},"container":{"id":"of","image":{"hash":{"all":["the","engaging","engaging","all"]},"name":"transition_the_levels.pdf","tag":["experts","determine","performs","certain"]},"labels":{"key_a":"Canada","key_b":"complex","key_c":"services","key_d":"bringing","key_e":"bringing"},"name":"potential_of_testing.exe","runtime":"programs"},"destination":{"address":"do","bytes":1155,"domain":"we.com","geo":{"city_name":"the_emerging.lnk","continent_code":"cyber","continent_name":"certain_country.ppt","country_iso_code":"Government","country_name":"experts_levels_innovations.xls","location":{"lon":2968.73,"lat":3018.79},"name":"sizes_the_is.lnk","postal_code":"private","region_iso_code":"support","region_name":"the_by.gif","timezone":"potential"},"ip":"184.110.81.207","mac":"31:73:54:8f:48:7f","nat":{"ip":"171.52.207.83","port":3375},"packets":3528,"port":1151},"dns":{"answers":[{"class":"goods","data":"their","name":"innovation.exe","ttl":1578,"type":"laboratory"}],"header_flags":["constantly","working","technology"],"id":"in","op_code":"support","question":{"class":"their","name":"technical.gif","registered_domain":"edge.ca","subdomain":"participating.ca","top_level_domain":"for.biz","type":"their"},"resolved_ip":["186.137.104.77","156.204.130.137","35.186.175.196","24.196.51.97"],"response_code":"determine","type":"constantly"},"ecs":{"version":"8.1.2"},"error":{"code":"selling","message":"all"},"event":{"action":"Innovation","category":["threat","host"],"code":"invite","created":"2023-03-02T03:57:25.501758Z","dataset":"survey","duration":830,"end":"2023-02-16T10:46:10.501768Z","hash":"One","id":"5IRwnnAHFvJFCCQE5PwEDV","ingested":"2023-02-04T00:52:18.501776Z","kind":"event","module":"edge","original":"innovations","outcome":"success","provider":"NBS","reason":"are","reference":"vendors","risk_score":1200.24,"risk_score_norm":3132.53,"sequence":3212,"severity":3899,"start":"2023-02-13T12:38:45.501805Z","timezone":"testing","type":["deletion"],"url":"laboratory"},"email":{"attachments":[{"file":{"extension":"examine","hash":{"md5":"4d11d5331bd2dd707ecb166d463db9df","sha1":"e0f4401c42c7a1a159d88cfd747bf689a21f2fd8","sha256":"f82090e9fa3a141ed35e0751647db69c47628177d975cb655345ef90b1466eb0","sha384":"39cd2a5c47f6c796350b73ea61c7bf35c6d607078b9c54a8911d0673736e9e406eeac6819684c7fec08c69f0d88cfc63","sha512":"7563d5bd3490293d87f3b44fea397e9a09ae65d0e37932f4f43da9a76b371a912ed918168657272cae309bd83ba5478a42b0165701756a5bf5df9a3795910343","ssdeep":"22755:NOZxQ6LxYBB9L951AsM32f5JVy9ALjj5kdYxCH6azzjg3VULmh2V9KIY:XJAvi3FVXJ51eE70o8yOhr1Owii1HUxRY6abuDZ0NyjQMuKtri4","tlsh":"market"},"mime_type":"sizes","name":"new_levels.exe","size":1198}},{"file":{"extension":"improve","hash":{"md5":"6532baabca85407dd18cc6eb3c702a8b","sha1":"ae96903d0630943ba6f0ea88eda80f3a6dc3f4a3","sha256":"96e8889f87e41236969f730ad8c8982d4f51c3c6db5f0ba8600e10d69e1047bc","sha384":"1c8f25560eed99acc19918415ae4edf188b2db1e98888de87cdbb40509718606254935e9602d03d84b6c1074dfdf2739","sha512":"3793ac8f7e90c074051f6d9314aa761f0dde6f660a59891d7628c94c757c084ea35bb28c0c81de7ab786000cdb3125d90beb6f7a94a612abf4479598b774adee","ssdeep":"41074:2QK5fNMY1D3XHjOTZ8qAh:iNK3lsmzw7IrtExVFoSbL41UAy195sDRfDCsZHvUpvSFdPjjcKPvBTLcqXofbkj","tlsh":"For"},"mime_type":"evaluate","name":"sizes_working.pdf","size":1900}},{"file":{"extension":"private","hash":{"md5":"4db726d7bc9f63a8af0dc1d7b0d3076b","sha1":"c784c4671b71d778f01717fe32f4c0844dd01b79","sha256":"047fb7a7583c1f2f82b54fba878a5329504346a4c5b1353f5a2a33777c42c96f","sha384":"6e41ac79c75617ea5170f92923c220f6c4399df47f5504d1f4aec78b4594d6e07ab10b3d80a7e876bcaeafcd2b5d04df","sha512":"e9ee52287ad00cc4612d07a2b431306a09b2a136ad7e8655be87362c036a34bfc4860283bef50a4ba8e16dbf253f655e483327cc1a03e0f36ebefc16ae5a6e77","ssdeep":"94183:FDNoq2j7kk4nTlYmsNstPfwY0cMwqeNmiYpm6tE22x78cNcVvuXQ1rKomg:xVc7rIyDh8iYqFm4GfvtbCOFsUep5gEodPFcd3DYx5Ov2","tlsh":"an"},"mime_type":"vendors","name":"this_market.exe","size":2740}},{"file":{"extension":"work","hash":{"md5":"3615a811fb92f21605f64f25403f6ab7","sha1":"79e78a3ed326f14f406be0336d7efe1f400d0166","sha256":"ba310fd3c20e220f3e3fc5285068b3c9833a030af2e3f79a1252595462f6623e","sha384":"d1371504d1fd15a10f0a976787a2464e7823e8d1ab90978c168346b7cee009fb98750d633128dea56184c08044922abe","sha512":"b806290c07435e2ab448a2d9d24064ff99eb3f05369ce5f12f9716217f176742643a51f6cc70b0e55ecb0575479011b8d36fe274ad1e2508bef662d4465f2ca7","ssdeep":"52156:PpPY6nUlegH4PIeuhioStLfJUDJru0PySugmen3Cxe5RthJtRmR4wJA2XUE:iRzmXU8DGa2VbpkZOcHZG73QaUegCB1ERRPDhYOnk5eYzdCKZu6hsxUu","tlsh":"academia"},"mime_type":"testing","name":"of_provide.lnk","size":3195}}],"bcc":{"address":"cyber@complex.biz"},"cc":{"address":"program@learn.edu"},"content_type":"feedback","delivery_timestamp":"2023-02-23T19:58:56.502536Z","direction":"feedback","from":{"address":"innovations@from.biz"},"local_id":"21nvDGsWpFncUGfRzsPQWy","message_id":"4OyJwnJw3Jc7Y90G5GM6AW","origination_timestamp":"2023-02-05T08:28:23.502592Z","reply_to":{"address":"innovative@to.biz"},"sender":{"address":"across@supports.ca"},"subject":"Canada","to":{"address":"development@them.com"},"x_mailer":"tools","parent":{"bcc":{"address":"stays@canada.biz"},"cc":{"address":"environment@helps.ca"},"from":{"address":"enhanced@technology.biz"},"message_id":"6rNYveqc9xJlxYl6kYBiz0","origination_timestamp":"2023-03-01T14:35:19.502644Z","subject":"stays","to":{"address":"are@innovations.edu"},"source":"40.202.212.121","destination":"44.16.2.98"}},"faas":{"coldstart":true,"execution":"invite","id":"invite","name":"emerging_innovative_innovations.jpg","trigger":{"request_id":"2Sf91gB3iOjPYwRM2f4bfA","type":"pubsub"},"version":"8.2.6"},"file":{"accessed":"2023-02-26T09:30:46.502712Z","attributes":["testing","The","tools","website"],"created":"2023-02-25T17:13:59.502728Z","ctime":"2023-03-05T08:08:03.502731Z","device":"country","directory":"other/cutting/build/certain/feedback","drive_letter":"technology","extension":"from","fork_name":"art.doc","gid":"collaborating","group":"ADMINS","inode":"support.ca","mime_type":"goods","mode":"to","mtime":"2023-03-07T19:47:15.502768Z","name":"the_bringing.doc","owner":"visit","path":"Centre","size":3377,"target_path":"security","type":"symlink","uid":"selling","code_signature":{"digest_algorithm":"md5","exists":false,"signing_id":"3BFcv0eoeb7gnXPx0tZYHw","status":"We","subject_name":"goods.pdf","team_id":"5NBze1rOaGwdpKfGOyFiUI","timestamp":"2023-02-24T09:45:33.502843Z","trusted":false,"valid":false},"elf":{"architecture":"of","byte_order":"do","cpu_type":"all","creation_date":"technologies","exports":["helps","For","constantly","government"],"header":{"abi_version":"5.5.5","class":"Canadian","data":"technologies","entrypoint":1250,"object_version":"7.2.3","os_abi":"sizes","type":"certain","version":"5.0.4"},"imports":["emerging","complex"],"sections":[{"chi2":3536,"entropy":758,"flags":"tools","name":"examine.doc","physical_offset":"innovative","physical_size":2999,"type":"role","virtual_address":2804,"virtual_size":995},{"chi2":3863,"entropy":577,"flags":"security","name":"academia_enhanced.xls","physical_offset":"Canadian","physical_size":1483,"type":"market","virtual_address":304,"virtual_size":2357},{"chi2":2511,"entropy":3373,"flags":"role","name":"product.xls","physical_offset":"order","physical_size":856,"type":"assist","virtual_address":3113,"virtual_size":2657},{"chi2":1993,"entropy":3923,"flags":"Canadian","name":"laboratory_all_key.exe","physical_offset":"by","physical_size":2738,"type":"product","virtual_address":1814,"virtual_size":2264}],"segments":[{"chi2":2883,"entropy":2670,"flags":"potential","name":"enhanced.lnk","physical_offset":"authority","physical_size":612,"type":"survey","virtual_address":3665,"virtual_size":3448},{"chi2":3051,"entropy":1102,"flags":"cutting","name":"technical.gif","physical_offset":"an","physical_size":1511,"type":"them","virtual_address":152,"virtual_size":2440},{"chi2":1627,"entropy":4028,"flags":"to","name":"about.exe","physical_offset":"by","physical_size":3391,"type":"determine","virtual_address":3240,"virtual_size":3930}],"shared_libraries":["them","Centre","development","enhanced"],"telfhash":"Innovation"},"hash":{"md5":"c8fe99392b1e135215ae5225f377723c","sha1":"a94d1b9d84a68178611059e3331176af1073909c","sha256":"b44a6cbdf439e946d65554388c42c384f89f589fa1daade130f8504fe8c0a312","sha384":"42b79bf313b41bd0661d4159863459ca1f9fb9b9d3196b9feaf5152a9da7acbf936cd97f8f25a8ca6a596c3bda0deb85","sha512":"e41888548cbefcdd227ef3fc71b768f7f3c330a040e9ff4c5a4a602d886b3eb1699fa10f486a0b111553b6245018ac12bd333006b1acb725da72c5473ff6fb3e","ssdeep":"65368:cNx77Hj56pbalhYKhu6nDkb4T:rUA9UN4MfEbqhsdz9rnHUxCuILZoaOVgHKrdwrb2BYjfxHE8Zg","tlsh":"sizes"},"pe":{"architecture":"private","company":"companies","description":"edge","file_version":"all_constantly.pdf","imphash":"about","original_file_name":"constantly_one_to.ppt","pehash":"are","product":"cyber"}},"group":{"domain":"on.ca","id":"supports","name":"with_new_innovative.pdf"},"host":{"id":"The","ip":["75.208.202.219","243.194.248.160"],"mac":["F32D224AD04E","11A1C70F60D7","9191796122DB"],"name":"market.gif","domain":"open.com","type":"our"},"http":{"request":{"body":{"bytes":3305,"content":"innovation"},"bytes":1280,"id":"order","method":"Program","mime_type":"state","referrer":"Government"},"response":{"body":{"bytes":3361,"content":"invite"},"bytes":3699,"mime_type":"private","status_code":195},"version":"5.4.6"},"organization":{"id":"163","name":"OFOVC"},"process":{"args":["open","testing","complex"],"args_count":212,"command_line":"improve","end":"2023-02-14T10:29:48.503443Z","entity_id":"5K4ZCoqgDNM6pF6ccr3cEQ","env_vars":{"key_a":"emerging","key_b":"art"},"executable":"technologies","exit_code":1985,"interactive":true,"name":"services_provide_open.gif","parent":[{"args":["promote","edge","market","cutting"],"args_count":473,"command_line":"supports","end":"2023-03-04T01:55:54.503517Z","entity_id":"1mS5XticQyoEPwTXHbBQjp","env_vars":{"key_a":"sizes","key_b":"private","key_c":"from","key_d":"engaging"},"executable":"across","exit_code":1392,"interactive":false,"name":"build.doc","pid":3687,"same_as_process":false,"start":"2023-02-13T08:37:13.503567Z","user":{"id":"on","name":"them_us_commercial.gif"}}],"pid":3493,"same_as_process":false,"start":"2023-02-28T20:48:17.503586Z","title":"learn","uptime":1076,"user":{"id":"helps","name":"authority_transition.ppt"},"working_directory":"cyber/product/new/new/in"},"registry":{"data":{"bytes":"bringing","strings":["learn","marketplace"],"type":"the"},"hive":"edge","key":"vendors","path":"Canadian","value":"innovations"},"related":{"hash":["to","this","enhanced"],"hosts":["about.biz","to.ca","program.com"],"ip":["225.213.60.74","229.203.2.199","216.88.69.115","28.142.53.248"],"user":["admin","user"],"id":"constantly","uri":["http://cyber.edu/transition/certain/transition","http://of.ca/companies/stays/in/working","http://to.ca/industry/to/To/For","http://provide.com/transition/stays"],"signature":["Innovation"]},"server":{"ip":"3.33.27.96","address":"emerging","domain":"examine.edu"},"source":{"address":"testing","bytes":379,"domain":"more.com","geo":{"city_name":"collaborating_working_all.lnk","continent_code":"companies","continent_name":"centre.gif","country_iso_code":"Program","country_name":"bringing_open.jpg","location":{"lon":1306.36,"lat":3039.94},"name":"we_canada.pdf","postal_code":"marketplace","region_iso_code":"more","region_name":"all_improve.pdf","timezone":"laboratory"},"ip":"160.33.162.34","mac":"de:d0:cb:f2:a3:f1","nat":{"ip":"9.101.70.117","port":613},"packets":2240,"port":3054},"threat":{"feed":{"dashboard_id":"45ZhwlVmUU4qdpiVaPsMZz","description":"security","name":"authority.pdf","reference":"by"},"framework":"MITRE ATT&CK","group":{"alias":["country"],"id":"our","name":"this_state_improve.pdf","reference":"key"},"indicator":{"confidence":"market","description":"Anyone whose rights or freedoms, as guaranteed by this Charter, have been infringed or denied may apply to a court of competent jurisdiction to obtain such remedy as the court considers appropriate and just in the circumstances.","email":{"address":"more"},"provider":"are","reference":"supports","scanner_stats":3224,"sightings":4024,"ip":"249.83.253.136","type":"determine","first_seen":"2023-02-28T11:39:13.503874Z","last_seen":"2023-02-06T09:21:43.503879Z"},"software":{"alias":["enhanced","technology","in"],"id":"supports","name":"to_innovations.gif","platform":["promote","evaluate","environment"],"reference":"of","type":"complex"},"tactic":{"id":"TA0011","name":"Command and Control","reference":"us"},"technique":{"id":"T1110","name":"Brute Force","reference":"bringing"}},"tls":{"version":"4.3.3","version_protocol":"7.4.0","client":{"server_name":"bringing_canada.jpg","ja3":"Canada"},"server":{"ja3s":"country"}},"url":{"domain":"potential.ca","extension":"promote","fragment":"their","full":"innovation","original":"do","password":"the","path":"technical","port":2745,"query":"academia","registered_domain":"for.com","scheme":"commercial","subdomain":"government.com","top_level_domain":"industry.ca","username":"admin"},"user":{"domain":"across.biz","email":"open@do.com","full_name":"about_role_of.exe","group":{"domain":"canadian.ca","id":"vendors","name":"visit_tools_partners.ppt"},"hash":"security","id":"supports","name":"by","roles":["market","promote","by","The"]},"user_agent":{"device":{"name":"commercial_government_cyber.doc"},"name":"country_website_environment.ppt","original":"Mozilla/5.0 (iPhone9,4; U; CPU iPhone OS 10_0_1 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) Version/10.0 Mobile/14A403 Safari/602.1","os":{"family":"more","full":"companies","kernel":"performs","name":"to_commercial.ppt","platform":"certain","type":"industry","version":"7.5.6"},"version":"6.4.8"},"vulnerability":{"category":["innovations","across","certain","of"],"classification":"evaluate","description":"supports","enumeration":"provide","id":"academia","reference":"programs","report_id":"2IBLFLwEhGPnedCvlaIQbA"}},"56uTUZlr5l78UJxI7TaWRd":{"timestamp":"2023-03-02T13:36:32.540632Z","labels":{"key_a":"marketplace","key_b":"The"},"tags":["Canadian","To","but"],"howler":{"id":"56uTUZlr5l78UJxI7TaWRd","analytic":"cmt.aws.sigma.rules","assignment":"unassigned","data":["{\\"key\\": \\"value\\", \\"boolean\\": true, \\"number\\": 5, \\"float\\": 10.456}","{\\"key\\": \\"value1\\", \\"boolean\\": false, \\"number\\": 34, \\"float\\": 10678.098}"],"detection":"Resource Development","hash":"70555d5ef03e7f940852ce3c91522a8e6e1a4b768e356d58e9ceac9fafc14b17","related":["bringing","other","problems"],"reliability":2458.1,"severity":2846.01,"volume":316.68,"confidence":253.6,"score":2196.3,"status":"open","scrutiny":"investigated","escalation":"hit","assessment":null,"comment":[{"id":"5TiysUNki58KG0GNykEYGb","timestamp":"2023-03-01T02:30:08.540836Z","modified":"2023-03-05T08:34:50.540842Z","value":"Subsection does not preclude any law, program or activity that has as its object the amelioration of conditions of disadvantaged individuals or groups including those that are disadvantaged because of race, national or ethnic origin, colour, religion, sex, age or mental or physical disability.","user":"shawnh"},{"id":"4y9MNSoyzD5caHSnTV2iMd","timestamp":"2023-02-04T10:42:50.540874Z","modified":"2023-03-05T15:46:20.540878Z","value":"Treatment or punishment.","user":"user"},{"id":"3Qi5qBCL2Sz0hawcUFa6yB","timestamp":"2023-02-14T16:24:03.540920Z","modified":"2023-02-18T15:01:16.540924Z","value":"A witness who testifies in any proceedings has the right not to have any incriminating evidence so given used to incriminate that witness in any other proceedings, except in a prosecution for perjury or for the giving of contradictory evidence.","user":"admin"},{"modified":"2023-03-10T14:55:07.066843Z","id":"2MEzTmHUXTpAS4GWn3JPqw","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:07.066808Z"},{"modified":"2023-03-10T14:55:46.631512Z","id":"7i6PlApXUXOJ3h7wd7Qymu","value":"test","user":"shawnh","timestamp":"2023-03-10T14:55:46.631473Z"},{"modified":"2023-03-10T15:11:51.942012Z","id":"5WbkINh9wRbKTdOt4YH9tg","value":"test","user":"shawnh","timestamp":"2023-03-10T15:11:51.941968Z"},{"modified":"2023-03-10T15:12:37.995242Z","id":"5FXIxrIwfyOMWjFqndjyRJ","value":"test","user":"shawnh","timestamp":"2023-03-10T15:12:37.995208Z"},{"modified":"2023-03-10T15:13:08.395723Z","id":"73rgJ5Q8MjXJ8Mq2KK0pwu","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:08.395680Z"},{"modified":"2023-03-10T15:13:32.113356Z","id":"1qhJIKGnlJNiHN6EsDfSFf","value":"test","user":"shawnh","timestamp":"2023-03-10T15:13:32.113313Z"},{"modified":"2023-03-10T15:14:27.351537Z","id":"66OAvbQktusj6twMUhL6MX","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:27.351485Z"},{"modified":"2023-03-10T15:14:54.131741Z","id":"1NN0S0fAA5qbJ38hv1Ys6p","value":"test","user":"shawnh","timestamp":"2023-03-10T15:14:54.131688Z"},{"modified":"2023-03-10T15:19:15.415855Z","id":"2P8kjnpZdZAAB2LItTmaC8","value":"test","user":"shawnh","timestamp":"2023-03-10T15:19:15.415799Z"},{"modified":"2023-03-10T15:20:08.260835Z","id":"5vmJPCrzUr8Uy7o9eldOIo","value":"test","user":"shawnh","timestamp":"2023-03-10T15:20:08.260776Z"},{"modified":"2023-03-10T15:21:46.288490Z","id":"1WryPmwlQjGqncevGM7nXi","value":"test","user":"shawnh","timestamp":"2023-03-10T15:21:46.288441Z"},{"modified":"2023-03-10T15:26:34.860478Z","id":"4Ky7AERVhvXrJ6MMnj5i4r","value":"test","user":"shawnh","timestamp":"2023-03-10T15:26:34.860437Z"},{"modified":"2023-03-10T15:31:06.497695Z","id":"5MkdrUBE7gzxur09TY2VcT","value":"test","user":"shawnh","timestamp":"2023-03-10T15:31:06.497654Z"},{"modified":"2023-03-10T15:34:21.042400Z","id":"4KJKeg06aa1V3z8K8aMGyR","value":"test","user":"shawnh","timestamp":"2023-03-10T15:34:21.042343Z"},{"modified":"2023-03-10T15:40:31.782467Z","id":"6CPhdGLLIXcLlEwKdcnk0a","value":"test","user":"shawnh","timestamp":"2023-03-10T15:40:31.782422Z"}],"log":[{"timestamp":"2023-02-25T17:41:00.540935Z","key":"academia","explanation":"Proceedings in New Brunswick courts.","new_value":"other","type":"set","previous_value":"evaluate","user":"user"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2MEzTmHUXTpAS4GWn3JPqw\\", \\"timestamp\\": \\"2023-03-10T14:55:07.066808Z\\", \\"modified\\": \\"2023-03-10T14:55:07.066843Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:07.139798Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"7i6PlApXUXOJ3h7wd7Qymu\\", \\"timestamp\\": \\"2023-03-10T14:55:46.631473Z\\", \\"modified\\": \\"2023-03-10T14:55:46.631512Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T14:55:46.708903Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5WbkINh9wRbKTdOt4YH9tg\\", \\"timestamp\\": \\"2023-03-10T15:11:51.941968Z\\", \\"modified\\": \\"2023-03-10T15:11:51.942012Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:11:52.017474Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5FXIxrIwfyOMWjFqndjyRJ\\", \\"timestamp\\": \\"2023-03-10T15:12:37.995208Z\\", \\"modified\\": \\"2023-03-10T15:12:37.995242Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:12:38.068194Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"73rgJ5Q8MjXJ8Mq2KK0pwu\\", \\"timestamp\\": \\"2023-03-10T15:13:08.395680Z\\", \\"modified\\": \\"2023-03-10T15:13:08.395723Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:08.478314Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1qhJIKGnlJNiHN6EsDfSFf\\", \\"timestamp\\": \\"2023-03-10T15:13:32.113313Z\\", \\"modified\\": \\"2023-03-10T15:13:32.113356Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:13:32.198739Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"66OAvbQktusj6twMUhL6MX\\", \\"timestamp\\": \\"2023-03-10T15:14:27.351485Z\\", \\"modified\\": \\"2023-03-10T15:14:27.351537Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:27.445495Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1NN0S0fAA5qbJ38hv1Ys6p\\", \\"timestamp\\": \\"2023-03-10T15:14:54.131688Z\\", \\"modified\\": \\"2023-03-10T15:14:54.131741Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:14:54.225538Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"2P8kjnpZdZAAB2LItTmaC8\\", \\"timestamp\\": \\"2023-03-10T15:19:15.415799Z\\", \\"modified\\": \\"2023-03-10T15:19:15.415855Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:19:15.505241Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5vmJPCrzUr8Uy7o9eldOIo\\", \\"timestamp\\": \\"2023-03-10T15:20:08.260776Z\\", \\"modified\\": \\"2023-03-10T15:20:08.260835Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:20:08.356422Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"1WryPmwlQjGqncevGM7nXi\\", \\"timestamp\\": \\"2023-03-10T15:21:46.288441Z\\", \\"modified\\": \\"2023-03-10T15:21:46.288490Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:21:46.376554Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4Ky7AERVhvXrJ6MMnj5i4r\\", \\"timestamp\\": \\"2023-03-10T15:26:34.860437Z\\", \\"modified\\": \\"2023-03-10T15:26:34.860478Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:26:34.932911Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"5MkdrUBE7gzxur09TY2VcT\\", \\"timestamp\\": \\"2023-03-10T15:31:06.497654Z\\", \\"modified\\": \\"2023-03-10T15:31:06.497695Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:31:06.575730Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"4KJKeg06aa1V3z8K8aMGyR\\", \\"timestamp\\": \\"2023-03-10T15:34:21.042343Z\\", \\"modified\\": \\"2023-03-10T15:34:21.042400Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:34:21.115190Z"},{"previous_value":"list","explanation":"Added a comment:\\n\\ntest","type":"appended","user":"shawnh","key":"howler.comment","new_value":"<Comment {\\"id\\": \\"6CPhdGLLIXcLlEwKdcnk0a\\", \\"timestamp\\": \\"2023-03-10T15:40:31.782422Z\\", \\"modified\\": \\"2023-03-10T15:40:31.782467Z\\", \\"value\\": \\"test\\", \\"user\\": \\"shawnh\\"}>","timestamp":"2023-03-10T15:40:31.857771Z"}],"retained":"an","monitored":"state","reported":"goods","mitigated":"problems","outline":{"threat":"0f71fea500e0a3b66d90f333f0f1e00c-thing.baduser.org","target":"16320629b4a53dde5d05fc0f2c50cebc.gc.ca","indicators":["survey_them_innovative.doc","market_centre.ppt"],"summary":"Everyone has the following fundamental freedoms."},"labels":{"assignments":["ADS2A","ACE1C","APA1B"],"generic":["Drive","Super Teams","Documentation","Danger"]},"votes":{"benign":["Government","across","market","participating"],"obscure":["Innovation","transition"],"malicious":["industry","selling","To"]},"dossier":{"key_a":"95","key_b":"learn"}},"assemblyline":{"antivirus":[{"type":"improve","subtype":"Program","value":"on","verdict":"info"}],"attribution":[{"type":"the","subtype":"work","value":"programs","verdict":"malicious"},{"type":"survey","subtype":"marketplace","value":"work","verdict":"safe"},{"type":"learn","subtype":"key","value":"from","verdict":"info"},{"type":"product","subtype":"edge","value":"helps","verdict":"info"}],"behaviour":[{"type":"art","subtype":"new","value":"all","verdict":"safe"},{"type":"Centre","subtype":"on","value":"improve","verdict":"safe"}],"domain":[{"type":"partnerships","subtype":"all","value":"To","verdict":"technologies"},{"type":"companies","subtype":"of","value":"problems","verdict":"participating"},{"type":"work","subtype":"academia","value":"assist","verdict":"them"},{"type":"To","subtype":"all","value":"environment","verdict":"key"}],"heuristic":[{"type":"but","subtype":"emerging","value":"other","verdict":"malicious"},{"type":"emerging","subtype":"To","value":"innovations","verdict":"malicious"},{"type":"are","subtype":"supports","value":"Canadian","verdict":"suspicious"}],"mitre":{"tactic":[{"type":"For","subtype":"complex","value":"is","verdict":"info"},{"type":"Build","subtype":"complex","value":"BCIP","verdict":"safe"},{"type":"Canada","subtype":"companies","value":"other","verdict":"safe"}],"technique":[{"type":"provide","subtype":"environment","value":"invite","verdict":"malicious"},{"type":"art","subtype":"innovative","value":"Cyber","verdict":"suspicious"}]},"uri":[{"type":"Program","subtype":"innovation","value":"collaborating","verdict":"defence"},{"type":"marketplace","subtype":"tools","value":"potential","verdict":"The"}],"yara":[{"type":"learn","subtype":"improve","value":"emerging","verdict":"suspicious"},{"type":"technical","subtype":"companies","value":"helps","verdict":"safe"},{"type":"cyber","subtype":"edge","value":"services","verdict":"info"},{"type":"Program","subtype":"For","value":"government","verdict":"safe"}]},"agent":{"id":"art","name":"invite_emerging_companies.jpg","type":"services","version":"7.2.3"},"cbs":{"sharepoint":{"created":{"application":"government","user":"admin"},"modified":{"application":"of","user":"user"}}},"cloud":{"account":{"id":"4QlxiR1SLYwmKrfMGHUMKM","name":"across_supports.exe"},"availability_zone":"technical","instance":{"id":"technical","name":"companies.jpg"},"machine":{"type":"To"},"project":{"id":"in","name":"innovation_programs_edge.exe"},"provider":"feedback","region":"collaborating","service":{"name":"Office365"},"tenant_id":"4uZbyQ0L1jJTgCmOUIre89"},"container":{"id":"Canada","image":{"hash":{"all":["art","innovative","Government","authority"]},"name":"participating_centre_transition.gif","tag":["defence","engaging","academia","Innovation"]},"labels":{"key_a":"across","key_b":"security","key_c":"defence","key_d":"in","key_e":"tools"},"name":"for.gif","runtime":"but"},"destination":{"address":"on","bytes":3992,"domain":"commercial.biz","geo":{"city_name":"partnerships.gif","continent_code":"more","continent_name":"an_order_learn.xls","country_iso_code":"to","country_name":"vendors_promote.doc","location":{"lon":1910.1,"lat":1053.91},"name":"also.exe","postal_code":"with","region_iso_code":"Centre","region_name":"are.jpg","timezone":"invite"},"ip":"64.129.186.250","mac":"84:cf:ff:ee:5d:9e","nat":{"ip":"4.2.158.125","port":370},"packets":2954,"port":3940},"dns":{"answers":[{"class":"innovations","data":"assist","name":"bringing_sizes.gif","ttl":3325,"type":"bringing"},{"class":"feedback","data":"other","name":"invite_programs_stays.pdf","ttl":1568,"type":"vendors"}],"header_flags":["companies","innovative","partners","Build"],"id":"edge","op_code":"performs","question":{"class":"product","name":"collaborating.jpg","registered_domain":"participating.com","subdomain":"them.biz","top_level_domain":"one.biz","type":"invite"},"resolved_ip":["47.5.78.223","210.94.232.131","6.211.8.118","231.31.23.2"],"response_code":"Program","type":"authority"},"ecs":{"version":"8.1.9"},"error":{"code":"all","message":"innovative"},"event":{"action":"engaging","category":["email"],"code":"industry","created":"2023-03-01T17:09:54.541795Z","dataset":"is","duration":3358,"end":"2023-02-25T19:47:29.541809Z","hash":"defence","id":"56uTUZlr5l78UJxI7TaWRd","ingested":"2023-02-15T04:33:05.541819Z","kind":"state","module":"all","original":"participating","outcome":"success","provider":"CBS","reason":"from","reference":"defence","risk_score":1341.14,"risk_score_norm":1978.05,"sequence":3206,"severity":180,"start":"2023-03-03T07:17:37.541852Z","timezone":"collaborating","type":["protocol","start","admin"],"url":"marketplace"},"email":{"attachments":[{"file":{"extension":"environment","hash":{"md5":"407ef2781d13688b779093d0c546509d","sha1":"e707a900e9787871e0e761d0a4b67fd22c4b0972","sha256":"bf4e88d854220993293f391581f319f4f8373bb7f1c90830f93abba47a5a5830","sha384":"640c6d92e34f3065869dc4b369369525a9f2e246642779753f1fa561dc2f01b1eedda210dfbb0527caa1b33ac48f93d9","sha512":"a2181be61ba916b08f8d5e44aec4188b0ccbaeabb2f62de6524f3403c41bc6488482244254d870b00e050ac0a94c74092a7b656aa9ce7420eee932ee0fd254f8","ssdeep":"2686:GXPe2RkNR9bDsemzzMRzTT1It3dkBF846pOL6D2dVogIGbU0gfYjKbLOsIVlZj:1nva4dOd6tRagq4oyXC0Ylb4LDls3q6nv781HPQb4z","tlsh":"work"},"mime_type":"state","name":"to.ppt","size":279}},{"file":{"extension":"examine","hash":{"md5":"6575d609a5fa3a100d8aa2cf16f6ccb5","sha1":"bbfa80dcbcce65ebd33608329d527b8c4443af0a","sha256":"31b0ad1cc4e5a2c689edc1cb0f1992b843adca5685981ec6585d3d37637a7ae9","sha384":"9e6f79596bcda0eb7cf19a391c12e6edcf36ed386c77c04784d9a8ec3225411c750ca14dac7f0c6dac1642e45ecbff71","sha512":"da6194d929654d4e22fde7b9984125d4dee61505c3616d467fb0614a88a918770f87c6ae4f4a8e2e762b16290c36a0cf497bb4d8a294dd9d15add424519292d0","ssdeep":"2008:5qPa9kqLrPwO7gm9GKCMwEBH7AGLpgfVTg3OYN3PLff7ChU3YUuXGPaiAbk26:KqPRvxxnPq4Yt7eSOqGGw1HwlGoLqYxgdVjdIQyH","tlsh":"across"},"mime_type":"authority","name":"role_performs.exe","size":3831}}],"bcc":{"address":"canadian@an.edu"},"cc":{"address":"complex@an.edu"},"content_type":"our","delivery_timestamp":"2023-02-12T10:11:08.542300Z","direction":"companies","from":{"address":"commercial@invite.com"},"local_id":"1p2cx70o6SQvLbWfWaMXtk","message_id":"yZOqhur89aKS0Zsirrupn","origination_timestamp":"2023-03-04T12:52:37.542359Z","reply_to":{"address":"their@cyber.com"},"sender":{"address":"engaging@in.edu"},"subject":"transition","to":{"address":"bcip@testing.ca"},"x_mailer":"provide","parent":{"bcc":{"address":"are@build.edu"},"cc":{"address":"provide@tools.biz"},"from":{"address":"centre@an.edu"},"message_id":"w73xIBvWjIpUKsaoNfkxN","origination_timestamp":"2023-03-04T15:57:17.542416Z","subject":"complex","to":{"address":"determine@open.biz"},"source":"228.105.126.112","destination":"89.171.128.37"}},"faas":{"coldstart":false,"execution":"development","id":"stays","name":"technologies.gif","trigger":{"request_id":"4zqko2cdaW9sicEoU6wzMM","type":"timer"},"version":"6.3.5"},"file":{"accessed":"2023-02-09T08:32:18.542491Z","attributes":["Canada","support","but"],"created":"2023-02-19T23:43:45.542508Z","ctime":"2023-03-05T01:22:09.542512Z","device":"assist","directory":"examine/to/invite","drive_letter":"marketplace","extension":"commercial","fork_name":"learn.ppt","gid":"innovative","group":"ADMINS","inode":"government.biz","mime_type":"constantly","mode":"engaging","mtime":"2023-02-04T03:04:56.542552Z","name":"provide_other.doc","owner":"Program","path":"key","size":1566,"target_path":"innovative","type":"file","uid":"commercial","code_signature":{"digest_algorithm":"sha384","exists":false,"signing_id":"4duvKeetzO1HMeBmsUr81","status":"testing","subject_name":"programs_open.pdf","team_id":"75QZOhC1U4KNRDpq89nEZl","timestamp":"2023-02-27T21:04:35.542636Z","trusted":true,"valid":true},"elf":{"architecture":"companies","byte_order":"To","cpu_type":"technology","creation_date":"academia","exports":["from","government"],"header":{"abi_version":"7.4.5","class":"performs","data":"Innovation","entrypoint":914,"object_version":"4.1.6","os_abi":"The","type":"stays","version":"4.1.4"},"imports":["commercial","assist"],"sections":[{"chi2":496,"entropy":1740,"flags":"One","name":"more_to_enhanced.xls","physical_offset":"One","physical_size":1241,"type":"The","virtual_address":1502,"virtual_size":960},{"chi2":2649,"entropy":1997,"flags":"vendors","name":"selling_new.xls","physical_offset":"promote","physical_size":3742,"type":"innovative","virtual_address":3350,"virtual_size":1896},{"chi2":191,"entropy":3107,"flags":"transition","name":"more_partners_innovations.gif","physical_offset":"laboratory","physical_size":241,"type":"selling","virtual_address":3288,"virtual_size":700},{"chi2":3228,"entropy":1458,"flags":"the","name":"on.jpg","physical_offset":"open","physical_size":2219,"type":"experts","virtual_address":2290,"virtual_size":3542}],"segments":[{"chi2":3938,"entropy":3339,"flags":"innovation","name":"product.gif","physical_offset":"companies","physical_size":798,"type":"marketplace","virtual_address":3814,"virtual_size":1834},{"chi2":1361,"entropy":2573,"flags":"We","name":"participating_them.pdf","physical_offset":"commercial","physical_size":3622,"type":"Cyber","virtual_address":758,"virtual_size":560}],"shared_libraries":["more","problems","supports","environment"],"telfhash":"from"},"hash":{"md5":"daafdee7437b52db922d62751367d177","sha1":"d90d38a4521149cceef1e5161dc4bfe5e1bcd342","sha256":"1f8dac940d29fab2eab970b1209b882b328e887b3e955c893692736de637adb3","sha384":"cc17b92786044e4ee7a7aa4d092273ee987d19c535d3b5e6eabebbc90b219b4578f6bd2be313d4c50c6e418a2f0913ce","sha512":"1780185431b171e9b2e501af9641df064d0175857be05405be6a3000aff5d1bbb638110d2fbc11e1df985010eaad189508eba7256c076d8e709dc60e3ff4ba86","ssdeep":"12000:3itPtyOlSZCyLZdo3oLYM9ozPecl6pReLTJz6jVT1Gvgd7z16fj6Ybz:MnohatTR3gaKsruCcxyViPTbDQ1NdG2O6JALYpXLlObmu3aUISeofVMK6","tlsh":"support"},"pe":{"architecture":"problems","company":"are","description":"determine","file_version":"experts.jpg","imphash":"bringing","original_file_name":"other_goods_we.gif","pehash":"in","product":"innovative"}},"group":{"domain":"centre.biz","id":"other","name":"market.gif"},"host":{"id":"examine","ip":["41.219.99.242"],"mac":["7C1C81812F5A","DB5C89DB7D2E","E89F00718BC2"],"name":"tools.ppt","domain":"is.biz","type":"engaging"},"http":{"request":{"body":{"bytes":569,"content":"other"},"bytes":312,"id":"innovative","method":"transition","mime_type":"authority","referrer":"Innovation"},"response":{"body":{"bytes":612,"content":"programs"},"bytes":1769,"mime_type":"all","status_code":2283},"version":"7.2.6"},"organization":{"id":"36","name":"JUS"},"process":{"args":["product"],"args_count":2074,"command_line":"country","end":"2023-02-25T00:57:03.543222Z","entity_id":"ck474Q3acQutIUm3QMYPl","env_vars":{"key_a":"Program","key_b":"potential","key_c":"visit"},"executable":"environment","exit_code":752,"interactive":true,"name":"we_with_to.xls","parent":[{"args":["with"],"args_count":932,"command_line":"key","end":"2023-02-23T02:54:30.543295Z","entity_id":"6dYC3Bf0gDX0kx666KCKm8","env_vars":{"key_a":"Cyber","key_b":"tools","key_c":"with","key_d":"The","key_e":"experts"},"executable":"security","exit_code":3208,"interactive":false,"name":"security_partners.doc","pid":2391,"same_as_process":false,"start":"2023-02-15T19:41:36.543354Z","user":{"id":"promote","name":"their_programs.lnk"}}],"pid":1496,"same_as_process":false,"start":"2023-02-09T21:27:09.543374Z","title":"security","uptime":1873,"user":{"id":"technology","name":"our_is.xls"},"working_directory":"about/art"},"registry":{"data":{"bytes":"order","strings":["product","testing","industry","tools"],"type":"technical"},"hive":"visit","key":"do","path":"levels","value":"about"},"related":{"hash":["learn","stays"],"hosts":["certain.com"],"ip":["76.178.30.68"],"user":["user"],"id":"Innovation","uri":["ftp://government.ca/cutting/state/is","http://an.biz/Canadian/Centre/but/do/partnerships/academia"],"signature":["technology","academia","innovations"]},"server":{"ip":"233.147.77.100","address":"learn","domain":"edge.edu"},"source":{"address":"certain","bytes":2000,"domain":"partners.edu","geo":{"city_name":"stays_one_centre.pdf","continent_code":"vendors","continent_name":"working.exe","country_iso_code":"examine","country_name":"innovation.doc","location":{"lon":1623.16,"lat":3886.3},"name":"testing_innovative.lnk","postal_code":"other","region_iso_code":"experts","region_name":"all_the.jpg","timezone":"selling"},"ip":"210.170.74.53","mac":"88:0c:68:8c:f3:73","nat":{"ip":"48.208.35.233","port":583},"packets":1571,"port":3592},"threat":{"feed":{"dashboard_id":"7PcWdY7tfRnCUw134r4U1k","description":"work","name":"determine_working.ppt","reference":"provide"},"framework":"MITRE ATT&CK","group":{"alias":["For","more","innovations"],"id":"authority","name":"transition_product.lnk","reference":"One"},"indicator":{"confidence":"promote","description":"Have the right to have their children receive primary and secondary school instruction in that language in that province.","email":{"address":"role"},"provider":"experts","reference":"with","scanner_stats":1848,"sightings":1162,"ip":"120.237.16.168","type":"new","first_seen":"2023-02-24T18:46:26.543680Z","last_seen":"2023-02-08T18:25:38.543685Z"},"software":{"alias":["by","sizes","programs","provide"],"id":"goods","name":"government.pdf","platform":["certain","BCIP"],"reference":"We","type":"authority"},"tactic":{"id":"TA0042","name":"Resource Development","reference":"marketplace"},"technique":{"id":"T1110","name":"Brute Force","reference":"but"}},"tls":{"version":"5.2.0","version_protocol":"4.1.2","client":{"server_name":"companies_program.ppt","ja3":"experts"},"server":{"ja3s":"evaluate"}},"url":{"domain":"this.ca","extension":"cutting","fragment":"Centre","full":"transition","original":"is","password":"industry","path":"technical","port":150,"query":"learn","registered_domain":"constantly.biz","scheme":"cyber","subdomain":"technology.biz","top_level_domain":"order.edu","username":"user"},"user":{"domain":"innovations.edu","email":"also@new.edu","full_name":"bringing_examine_product.exe","group":{"domain":"open.biz","id":"bringing","name":"them.pdf"},"hash":"role","id":"testing","name":"on","roles":["open","on"]},"user_agent":{"device":{"name":"in.jpg"},"name":"new_us.ppt","original":"Mozilla/5.0 (Linux; Android 10; SM-G980F Build/QP1A.190711.020; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/78.0.3904.96 Mobile Safari/537.36","os":{"family":"tools","full":"from","kernel":"sizes","name":"innovative_partnerships.exe","platform":"technology","type":"government","version":"6.4.7"},"version":"6.2.4"},"vulnerability":{"category":["Build","Innovation"],"classification":"experts","description":"them","enumeration":"partners","id":"determine","reference":"support","report_id":"13uhzzUL2SireqNJLx9IO"}}}');
2
+ const hitsData = {
3
+ GET
4
+ };
5
+ export {
6
+ hitsData as h
7
+ };