{
	"id": "6ccb1795-bd03-44f4-a584-3ac0f1ea7d94",
	"created_at": "2026-04-06T00:18:01.4783Z",
	"updated_at": "2026-04-10T03:25:50.517911Z",
	"deleted_at": null,
	"sha1_hash": "b69d8d414ded293c9e72e9f8fde9b9874888ca15",
	"title": "LevelBlue - Open Threat Exchange",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 258620,
	"plain_text": "LevelBlue - Open Threat Exchange\r\nBy CyberHunter_NL\r\nArchived: 2026-04-05 19:54:37 UTC\r\nAuthor Url\r\n841 Subscribers\r\nAuthor Url\r\n122 Subscribers\r\nAuthor Url\r\nQuery Registry, Technique T1012 - Enterprise | MITRE ATT\u0026CK\u0026reg;\r\nCVE: 1 | URL: 6 | Domain: 2 | Hostname: 2\r\nAdversaries can access the Windows Registry to gather information about the operating system, configuration, and\r\ninstalled software, as well as to make modifications to the system's registry, according to a report published in the\r\nSecurity Research Institute (CTI).\r\n122 Subscribers\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 1 of 20\n\nnamer\r\nFileHash-MD5: 6 | FileHash-SHA1: 94 | FileHash-SHA256: 6 | Domain: 6 | Hostname: 8\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 2 of 20\n\n25 Subscribers\r\ntange\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 3 of 20\n\nFileHash-MD5: 6 | FileHash-SHA1: 94 | FileHash-SHA256: 6 | Domain: 6 | Hostname: 8\r\nThe full text of the report on InvisiMole, which was published by WeLive security, has been published on the\r\nBBC's News Channel and is available to view on iPlayer.\r\n25 Subscribers\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 4 of 20\n\ninvismole\r\nYARA: 5 | Domain: 7 | Hostname: 5\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 5 of 20\n\nInvisiMole has been trojanized by security researchers, who have now identified the source of the malware and\r\nused the code to access the data for the first time in its history.\r\n25 Subscribers\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 6 of 20\n\nWinar\r\nFileHash-MD5: 6 | FileHash-SHA1: 94 | FileHash-SHA256: 6 | YARA: 5 | Domain: 7 | Hostname: 8\r\nThe InvisiMole software is based on the two-clause BSD 2-Clause (YARA) license, provided by ESET Research,\r\nand is available to the public.\r\n25 Subscribers\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 7 of 20\n\n146 Subscribers\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 8 of 20\n\n15 Subscribers\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 9 of 20\n\n35 Subscribers\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 10 of 20\n\n35 Subscribers\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 11 of 20\n\n35 Subscribers\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 12 of 20\n\n35 Subscribers\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 13 of 20\n\n35 Subscribers\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 14 of 20\n\n35 Subscribers\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 15 of 20\n\n35 Subscribers\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 16 of 20\n\n35 Subscribers\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 17 of 20\n\n35 Subscribers\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 18 of 20\n\n35 Subscribers\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 19 of 20\n\n35 Subscribers\r\nSource: https://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nhttps://otx.alienvault.com/browse/pulses?q=tag:invisimole\r\nPage 20 of 20\n\nnamer  https://otx.alienvault.com/browse/pulses?q=tag:invisimole   \nFileHash-MD5: 6 | FileHash-SHA1: 94 | FileHash-SHA256: 6 | Domain: 6 | Hostname: 8\n   Page 2 of 20",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://otx.alienvault.com/browse/pulses?q=tag:invisimole"
	],
	"report_names": [
		"pulses?q=tag:invisimole"
	],
	"threat_actors": [
		{
			"id": "11f52079-26d3-4e06-8665-6a0b3efdc41c",
			"created_at": "2022-10-25T16:07:23.736987Z",
			"updated_at": "2026-04-10T02:00:04.732021Z",
			"deleted_at": null,
			"main_name": "InvisiMole",
			"aliases": [
				"UAC-0035"
			],
			"source_name": "ETDA:InvisiMole",
			"tools": [
				"InvisiMole"
			],
			"source_id": "ETDA",
			"reports": null
		},
		{
			"id": "12b5d602-4017-4a6f-a2a3-387a6e07a27b",
			"created_at": "2023-01-06T13:46:39.095233Z",
			"updated_at": "2026-04-10T02:00:03.21157Z",
			"deleted_at": null,
			"main_name": "InvisiMole",
			"aliases": [],
			"source_name": "MISPGALAXY:InvisiMole",
			"tools": [],
			"source_id": "MISPGALAXY",
			"reports": null
		}
	],
	"ts_created_at": 1775434681,
	"ts_updated_at": 1775791550,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/b69d8d414ded293c9e72e9f8fde9b9874888ca15.pdf",
		"text": "https://archive.orkl.eu/b69d8d414ded293c9e72e9f8fde9b9874888ca15.txt",
		"img": "https://archive.orkl.eu/b69d8d414ded293c9e72e9f8fde9b9874888ca15.jpg"
	}
}