{ "Event": { "analysis": "0", "date": "2024-06-26", "extends_uuid": "", "info": "[Threat Intel] APT PROFILE \u2013 FANCY BEAR", "protected": false, "publish_timestamp": "1780041200", "published": true, "threat_level_id": "1", "timestamp": "1772902057", "uuid": "acb7fb38-d448-4087-820d-bd8c93156ccc", "Orgc": { "name": "Rectifyq", "uuid": "cd9bd516-61fa-476b-980f-2f8de03992d4" }, "Tag": [ { "colour": "#49a260", "local": false, "name": "rectifyq:category=\"threat\"", "relationship_type": "" }, { "colour": "#10003d", "local": false, "name": "rectifyq:sub-category=\"TA-profile\"", "relationship_type": "" }, { "colour": "#ffd12e", "local": false, "name": "rectifyq:target=\"broad-based\"", "relationship_type": "" }, { "colour": "#dd2e44", "local": false, "name": "rectifyq:MY-relevancy=\"relevant\"", "relationship_type": "" }, { "colour": "#f9b12b", "local": false, "name": "misp-galaxy:producer=\"Cyfirma\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:threat-actor=\"APT28\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"Cannon\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"Coreshell\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"Downdelph\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"GooseEgg\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"Headlace\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"HideDRV\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"Koadic\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"Komplex\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"LoJax\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"MASEPIE\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"OCEANMAP\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"OLDBAIT\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"PocoDown\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"Responder\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"STEELHOOK\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"Sedreco\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"Seduploader\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"SkinnyBoy\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"VPNFilter\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"X-Agent (ELF)\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"X-Agent (Windows)\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"XTunnel\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:malpedia=\"Zebrocy (AutoIT)\"", "relationship_type": "" }, { "colour": "#86e845", "local": false, "name": "misp-galaxy:target-information=\"Afghanistan\"", "relationship_type": "" }, { "colour": "#b990dd", "local": false, "name": "misp-galaxy:target-information=\"Australia\"", "relationship_type": "" }, { "colour": "#c94db5", "local": false, "name": "misp-galaxy:target-information=\"Brazil\"", "relationship_type": "" }, { "colour": "#d53577", "local": false, "name": "misp-galaxy:target-information=\"Cambodia\"", "relationship_type": "" }, { "colour": "#15ccfd", "local": false, "name": "misp-galaxy:target-information=\"France\"", "relationship_type": "" }, { "colour": "#7d6b1a", "local": false, "name": "misp-galaxy:target-information=\"Georgia\"", "relationship_type": "" }, { "colour": "#5ed128", "local": false, "name": "misp-galaxy:target-information=\"Germany\"", "relationship_type": "" }, { "colour": "#013748", "local": false, "name": "misp-galaxy:target-information=\"India\"", "relationship_type": "" }, { "colour": "#f9cdc4", "local": false, "name": "misp-galaxy:target-information=\"Indonesia\"", "relationship_type": "" }, { "colour": "#4df024", "local": false, "name": "misp-galaxy:target-information=\"Kazakhstan\"", "relationship_type": "" }, { "colour": "#915448", "local": false, "name": "misp-galaxy:target-information=\"Malaysia\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:target-information=\"Moldova\"", "relationship_type": "" }, { "colour": "#670cf4", "local": false, "name": "misp-galaxy:target-information=\"Pakistan\"", "relationship_type": "" }, { "colour": "#9f5dac", "local": false, "name": "misp-galaxy:target-information=\"Romania\"", "relationship_type": "" }, { "colour": "#35a578", "local": false, "name": "misp-galaxy:target-information=\"South Africa\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:target-information=\"Syria\"", "relationship_type": "" }, { "colour": "#33360c", "local": false, "name": "misp-galaxy:target-information=\"Thailand\"", "relationship_type": "" }, { "colour": "#ce98fe", "local": false, "name": "misp-galaxy:target-information=\"Turkey\"", "relationship_type": "" }, { "colour": "#e4d611", "local": false, "name": "misp-galaxy:target-information=\"Ukraine\"", "relationship_type": "" }, { "colour": "#b8ab01", "local": false, "name": "misp-galaxy:target-information=\"United States\"", "relationship_type": "" }, { "colour": "#1b8479", "local": false, "name": "misp-galaxy:target-information=\"Vietnam\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"/etc/passwd and /etc/shadow - T1003.008\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Additional Email Delegate Permissions - T1098.002\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Application Access Token - T1550.001\"", "relationship_type": "" }, { "colour": "#d58a16", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Archive Collected Data - T1560\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Archive via Utility - T1560.001\"", "relationship_type": "" }, { "colour": "#3909cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Automated Collection - T1119\"", "relationship_type": "" }, { "colour": "#57997c", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Bidirectional Communication - T1102.002\"", "relationship_type": "" }, { "colour": "#da180c", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Bootkit - T1542.003\"", "relationship_type": "" }, { "colour": "#70b0b5", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Brute Force - T1110\"", "relationship_type": "" }, { "colour": "#40bedd", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Clear Windows Event Logs - T1070.001\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Cloud Accounts - T1078.004\"", "relationship_type": "" }, { "colour": "#e8f5ec", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Communication Through Removable Media - T1092\"", "relationship_type": "" }, { "colour": "#91afc2", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Component Object Model Hijacking - T1546.015\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Credentials - T1589.001\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Data Transfer Size Limits - T1030\"", "relationship_type": "" }, { "colour": "#a42e64", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Data from Information Repositories - T1213\"", "relationship_type": "" }, { "colour": "#68f2ff", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Data from Local System - T1005\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Data from Network Shared Drive - T1039\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Data from Removable Media - T1025\"", "relationship_type": "" }, { "colour": "#a92e1c", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Deobfuscate/Decode Files or Information - T1140\"", "relationship_type": "" }, { "colour": "#82eae0", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Domains - T1583.001\"", "relationship_type": "" }, { "colour": "#45a451", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Drive-by Compromise - T1189\"", "relationship_type": "" }, { "colour": "#59db25", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Dynamic Data Exchange - T1559.002\"", "relationship_type": "" }, { "colour": "#5c59c9", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Email Accounts - T1586.002\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Exfiltration Over Asymmetric Encrypted Non-C2 Protocol - T1048.002\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Exfiltration Over Web Service - T1567\"", "relationship_type": "" }, { "colour": "#9feaf0", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Exploit Public-Facing Application - T1190\"", "relationship_type": "" }, { "colour": "#0aebeb", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Exploitation for Client Execution - T1203\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Exploitation for Defense Evasion - T1211\"", "relationship_type": "" }, { "colour": "#6d779a", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Exploitation for Privilege Escalation - T1068\"", "relationship_type": "" }, { "colour": "#7adb57", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Exploitation of Remote Services - T1210\"", "relationship_type": "" }, { "colour": "#280b0e", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"External Proxy - T1090.002\"", "relationship_type": "" }, { "colour": "#7773ac", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"External Remote Services - T1133\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"File Deletion - T1070.004\"", "relationship_type": "" }, { "colour": "#0c0051", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"File and Directory Discovery - T1083\"", "relationship_type": "" }, { "colour": "#44b2c2", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Hidden Files and Directories - T1564.001\"", "relationship_type": "" }, { "colour": "#d12299", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Hidden Window - T1564.003\"", "relationship_type": "" }, { "colour": "#4c0fbb", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Ingress Tool Transfer - T1105\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Junk Data - T1001.001\"", "relationship_type": "" }, { "colour": "#72ee33", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Keylogging - T1056.001\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"LSASS Memory - T1003.001\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Local Data Staging - T1074.001\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Logon Script (Windows) - T1037.001\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Mail Protocols - T1071.003\"", "relationship_type": "" }, { "colour": "#47d9d3", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Malicious File - T1204.002\"", "relationship_type": "" }, { "colour": "#5884a7", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Malicious Link - T1204.001\"", "relationship_type": "" }, { "colour": "#75ec20", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Masquerading - T1036\"", "relationship_type": "" }, { "colour": "#7da4ad", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Match Legitimate Resource Name or Location - T1036.005\"", "relationship_type": "" }, { "colour": "#738de4", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Multi-hop Proxy - T1090.003\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"NTDS - T1003.003\"", "relationship_type": "" }, { "colour": "#37ffb5", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Network Denial of Service - T1498\"", "relationship_type": "" }, { "colour": "#1d736f", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Network Sniffing - T1040\"", "relationship_type": "" }, { "colour": "#e08bb2", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Obfuscated Files or Information - T1027\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Office Test - T1137.002\"", "relationship_type": "" }, { "colour": "#1ef2bb", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Pass the Hash - T1550.002\"", "relationship_type": "" }, { "colour": "#b0513a", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Password Guessing - T1110.001\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Password Spraying - T1110.003\"", "relationship_type": "" }, { "colour": "#0ec9f4", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Peripheral Device Discovery - T1120\"", "relationship_type": "" }, { "colour": "#a0d02a", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Phishing for Information - T1598\"", "relationship_type": "" }, { "colour": "#755c09", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"PowerShell - T1059.001\"", "relationship_type": "" }, { "colour": "#62f4c1", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Process Discovery - T1057\"", "relationship_type": "" }, { "colour": "#b76d96", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Registry Run Keys / Startup Folder - T1547.001\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Remote Data Staging - T1074.002\"", "relationship_type": "" }, { "colour": "#23cf0e", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Remote Email Collection - T1114.002\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Replication Through Removable Media - T1091\"", "relationship_type": "" }, { "colour": "#91ee5f", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Rootkit - T1014\"", "relationship_type": "" }, { "colour": "#177fb7", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Rundll32 - T1218.011\"", "relationship_type": "" }, { "colour": "#041edc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"SMB/Windows Admin Shares - T1021.002\"", "relationship_type": "" }, { "colour": "#8ee8d8", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Screen Capture - T1113\"", "relationship_type": "" }, { "colour": "#f146c3", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Sharepoint - T1213.002\"", "relationship_type": "" }, { "colour": "#5539fe", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Spearphishing Attachment - T1566.001\"", "relationship_type": "" }, { "colour": "#c202a1", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Spearphishing Link - T1566.002\"", "relationship_type": "" }, { "colour": "#db2044", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Spearphishing Link - T1598.003\"", "relationship_type": "" }, { "colour": "#08221e", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Steal Application Access Token - T1528\"", "relationship_type": "" }, { "colour": "#56c932", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Symmetric Cryptography - T1573.001\"", "relationship_type": "" }, { "colour": "#2cfe4e", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Template Injection - T1221\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Timestomp - T1070.006\"", "relationship_type": "" }, { "colour": "#44e07f", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Token Impersonation/Theft - T1134.001\"", "relationship_type": "" }, { "colour": "#6fe7f4", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Tool - T1588.002\"", "relationship_type": "" }, { "colour": "#1acf09", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Trusted Relationship - T1199\"", "relationship_type": "" }, { "colour": "#59699c", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Valid Accounts - T1078\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Vulnerability Scanning - T1595.002\"", "relationship_type": "" }, { "colour": "#92e858", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Web Protocols - T1071.001\"", "relationship_type": "" }, { "colour": "#4a5d84", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Web Services - T1583.006\"", "relationship_type": "" }, { "colour": "#fe1ef0", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Web Shell - T1505.003\"", "relationship_type": "" }, { "colour": "#02475d", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Windows Command Shell - T1059.003\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"Tria.ge\"", "relationship_type": "" }, { "colour": "#3800d9", "local": false, "name": "rectifyq:action-taken=\"VT-comment\"", "relationship_type": "" }, { "colour": "#3d00e9", "local": false, "name": "rectifyq:action-taken=\"telegram\"", "relationship_type": "" }, { "colour": "#3a00dd", "local": false, "name": "rectifyq:action-taken=\"diamond-model\"", "relationship_type": "" }, { "colour": "#ffffff", "local": false, "name": "tlp:clear", "relationship_type": "" } ], "Attribute": [ { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1754268299", "to_ids": false, "type": "link", "uuid": "e8bdad7f-b4d0-42e4-85cd-6f79d0a2c54d", "value": "https://www.cyfirma.com/research/apt-profile-fancy-bear-2/" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1754268541", "to_ids": false, "type": "vulnerability", "uuid": "cfc3cced-70ce-4a2b-ad99-7a1fcdb19826", "value": "CVE-2023-23397" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1754268541", "to_ids": false, "type": "vulnerability", "uuid": "2d8be703-16cb-4431-a891-9eefe05b5884", "value": "CVE-2023-38831" }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1754268541", "to_ids": false, "type": "vulnerability", "uuid": "00e24bb3-6b1e-42b9-a861-88c3bee35dd3", "value": "CVE-2023-20085" }, { "category": "Other", "comment": "diamond-model", "deleted": false, "disable_correlation": false, "timestamp": "1770874678", "to_ids": false, "type": "comment", "uuid": "0f541580-902b-40da-b229-7218aa79caf4", "value": "https://raw.githubusercontent.com/rectifyq/Collections/refs/heads/main/Diamond-Models/2024/240626-Fancy-Bear/30.png" }, { "category": "Other", "comment": "diamond-model", "deleted": false, "disable_correlation": false, "timestamp": "1770874678", "to_ids": false, "type": "comment", "uuid": "98af05c4-f136-4ce6-83f8-b549af1341b2", "value": "https://raw.githubusercontent.com/rectifyq/Collections/refs/heads/main/Diamond-Models/2024/240626-Fancy-Bear/31.png" }, { "category": "Other", "comment": "diamond-model", "deleted": false, "disable_correlation": false, "timestamp": "1770874678", "to_ids": false, "type": "comment", "uuid": "6a8a23e7-822f-41fc-86ce-cd16f40b761c", "value": "https://raw.githubusercontent.com/rectifyq/Collections/refs/heads/main/Diamond-Models/2024/240626-Fancy-Bear/32.png" }, { "category": "Other", "comment": "diamond-model", "deleted": false, "disable_correlation": false, "timestamp": "1770874678", "to_ids": false, "type": "comment", "uuid": "67f4fb61-5d14-4076-afcd-852f27e39eae", "value": "https://raw.githubusercontent.com/rectifyq/Collections/refs/heads/main/Diamond-Models/2024/240626-Fancy-Bear/33.png" }, { "category": "Other", "comment": "diamond-model", "deleted": false, "disable_correlation": false, "timestamp": "1770874678", "to_ids": false, "type": "comment", "uuid": "35561446-8381-4c0b-a12d-76df15fcc718", "value": "https://raw.githubusercontent.com/rectifyq/Collections/refs/heads/main/Diamond-Models/2024/240626-Fancy-Bear/34.png" } ] } }