CrowdStrike / MISP-tools

Import CrowdStrike Threat Intelligence into your instance of MISP
MIT License

Breaking Issues: Various Actor Error Messages #111

Closed packet-rat closed 1 year ago

packet-rat commented 1 year ago

Breaking Issues

I should highlight that these are breaking issues:

Adversary OCTANE PANDA missing field first_activity_date.
The value of the attribute you're trying to add is an empty string, skipping it. Object relation: alias
WARNING  processor/thread_3   Adversary DEMON SPIDER missing field first_activity_date.
WARNING  processor/thread_3   Adversary DEMON SPIDER missing field last_activity_date.

[2023-04-04 21:22:32,016] WARNING  processor/thread_3   Could not add or tag event ADV-203346 DEMON SPIDER (eCrime). Will retry in 0.3 seconds.
day is out of range for month: 0

[2023-04-04 21:22:32,425] WARNING  pymisp/thread_10     The value of the attribute you're trying to add is an empty string, skipping it. Object relation: alias

python3 misp_import.py --fullmonty -d -v

[ASCII-art banner, ending "Threat Intelligence v0.6.8"]
[ASCII-art banner]
[2023-04-04 21:22:25,473] DEBUG config client_id value redacted, check config file
[2023-04-04 21:22:25,473] DEBUG config client_secret value redacted, check config file
[2023-04-04 21:22:25,473] DEBUG config crowdstrike_url US1
[2023-04-04 21:22:25,473] DEBUG config api_request_max 5000
[2023-04-04 21:22:25,473] DEBUG config api_enable_ssl True
[2023-04-04 21:22:25,473] DEBUG config reports_timestamp_filename lastReportsUpdate.dat
[2023-04-04 21:22:25,473] DEBUG config indicators_timestamp_filename lastIndicatorsUpdate.dat
[2023-04-04 21:22:25,473] DEBUG config actors_timestamp_filename lastActorsUpdate.dat
[2023-04-04 21:22:25,473] DEBUG config init_reports_days_before 365
[2023-04-04 21:22:25,473] DEBUG config init_indicators_minutes_before 20220
[2023-04-04 21:22:25,473] DEBUG config init_actors_days_before 730
[2023-04-04 21:22:25,473] DEBUG config reports_unique_tag CrowdStrike: REPORT
[2023-04-04 21:22:25,473] DEBUG config indicators_unique_tag CrowdStrike: INDICATOR
[2023-04-04 21:22:25,473] DEBUG config actors_unique_tag CrowdStrike: ADVERSARY
[2023-04-04 21:22:25,474] DEBUG config reports_tags att:source="Crowdstrike.Report"
[2023-04-04 21:22:25,474] DEBUG config indicators_tags att:source="Crowdstrike.Indicators"
[2023-04-04 21:22:25,474] DEBUG config actors_tags att:source="Crowdstrike.Actors"
[2023-04-04 21:22:25,474] DEBUG config unknown_mapping CrowdStrike:indicator:galaxy: UNATTRIBUTED
[2023-04-04 21:22:25,474] DEBUG config unattributed_title Unattributed indicators:
[2023-04-04 21:22:25,474] DEBUG config indicator_type_title Indicator Type:
[2023-04-04 21:22:25,474] DEBUG config malware_family_title Malware Family:
[2023-04-04 21:22:25,474] DEBUG config log_duplicates_as_sightings True
[2023-04-04 21:22:25,474] DEBUG config misp_url https://3samisp
[2023-04-04 21:22:25,474] DEBUG config misp_auth_key value redacted, check config file
[2023-04-04 21:22:25,474] DEBUG config crowdstrike_org_uuid ca4f4b5d-db04-4a5e-a6de-e60636dc01be
[2023-04-04 21:22:25,474] DEBUG config misp_enable_ssl False
[2023-04-04 21:22:25,474] WARNING config misp_enable_ssl SSL is disabled for MISP API requests
[2023-04-04 21:22:25,474] DEBUG config ind_attribute_batch_size 2500
[2023-04-04 21:22:25,474] DEBUG config event_save_memory_refresh_interval 180
[2023-04-04 21:22:25,474] DEBUG config max_threads 16
[2023-04-04 21:22:25,474] DEBUG config miss_track_file no_galaxy_mapping.log
[2023-04-04 21:22:25,474] DEBUG config galaxies_map_file galaxy.ini
[2023-04-04 21:22:25,474] DEBUG config tag_unknown_galaxy_maps True
[2023-04-04 21:22:25,474] DEBUG config taxonomic_kill-chain True
[2023-04-04 21:22:25,474] DEBUG config taxonomic_information-security-data-source True
[2023-04-04 21:22:25,474] DEBUG config taxonomic_type True
[2023-04-04 21:22:25,474] DEBUG config taxonomic_iep False
[2023-04-04 21:22:25,474] DEBUG config taxonomic_iep2 True
[2023-04-04 21:22:25,474] DEBUG config taxonomic_iep2_version False
[2023-04-04 21:22:25,474] DEBUG config taxonomic_tlp True
[2023-04-04 21:22:25,474] DEBUG config taxonomic_workflow True
[2023-04-04 21:22:26,401] INFO config No configuration errors found (1 warning)
[ASCII-art banner]
[ASCII-art banner]
[2023-04-04 21:22:27,480] INFO processor/main Start importing CrowdStrike Adversaries as events into MISP (past 730 days).
[2023-04-04 21:22:27,480] INFO processor/main Retrieving all adversaries.
[2023-04-04 21:22:28,514] INFO processor/main Got 55 adversaries from the Crowdstrike Intel API.
[2023-04-04 21:22:29,832] WARNING processor/thread_0 Adversary OCTANE PANDA missing field first_activity_date.
[2023-04-04 21:22:29,858] DEBUG processor/thread_10 Created adversary event for SCATTERED SPIDER
[2023-04-04 21:22:29,862] DEBUG processor/thread_7 Created adversary event for OUTBREAK SPIDER
[2023-04-04 21:22:29,863] DEBUG processor/thread_11 Created adversary event for HOLIDAY SPIDER
[2023-04-04 21:22:29,865] DEBUG processor/thread_1 Created adversary event for FERAL SPIDER
[2023-04-04 21:22:29,873] DEBUG processor/thread_13 Created adversary event for SHINING SPIDER
[2023-04-04 21:22:29,874] DEBUG processor/thread_8 Created adversary event for HIDDEN SPIDER
[2023-04-04 21:22:29,881] DEBUG processor/thread_14 Created adversary event for CHRONO KITTEN
[2023-04-04 21:22:29,886] DEBUG processor/thread_15 Created adversary event for HAYWIRE KITTEN
[2023-04-04 21:22:29,888] DEBUG processor/thread_0 Created adversary event for OCTANE PANDA
[2023-04-04 21:22:29,890] DEBUG processor/thread_2 Created adversary event for SPECTRAL KITTEN
[2023-04-04 21:22:29,891] DEBUG processor/thread_3 Created adversary event for SHATTERED PANDA
[2023-04-04 21:22:29,893] DEBUG processor/thread_9 Created adversary event for SLIPPY SPIDER
[2023-04-04 21:22:29,896] DEBUG processor/thread_6 Created adversary event for COMPASS SPIDER
[2023-04-04 21:22:29,897] DEBUG processor/thread_12 Created adversary event for SAMBA SPIDER
[2023-04-04 21:22:29,902] DEBUG processor/thread_4 Created adversary event for CYBORG SPIDER
[2023-04-04 21:22:29,916] DEBUG processor/thread_5 Created adversary event for ALCHEMIST SPIDER
[2023-04-04 21:22:30,445] DEBUG processor/thread_10 Created adversary event for COSMIC WOLF
[2023-04-04 21:22:30,456] DEBUG processor/thread_12 Created adversary event for PARTISAN JACKAL
[2023-04-04 21:22:30,476] DEBUG processor/thread_11 Created adversary event for LILY SPIDER
[2023-04-04 21:22:30,489] DEBUG processor/thread_1 Created adversary event for VAPOR PANDA
[2023-04-04 21:22:30,499] DEBUG processor/thread_7 Created adversary event for EMBER BEAR
[2023-04-04 21:22:30,506] DEBUG processor/thread_13 Created adversary event for CHARIOT SPIDER
[2023-04-04 21:22:30,526] DEBUG processor/thread_8 Created adversary event for WANDERING SPIDER
[2023-04-04 21:22:30,766] DEBUG processor/thread_6 Created adversary event for VICE SPIDER
[2023-04-04 21:22:30,869] DEBUG processor/thread_9 Created adversary event for ALPHA SPIDER
[2023-04-04 21:22:30,879] DEBUG processor/thread_5 Created adversary event for RECESS SPIDER
[2023-04-04 21:22:30,894] DEBUG processor/thread_11 Created adversary event for HIVE SPIDER
[2023-04-04 21:22:30,920] DEBUG processor/thread_4 Created adversary event for DEADEYE HAWK
[2023-04-04 21:22:31,122] DEBUG processor/thread_15 Created adversary event for GALACTIC OCELOT
[2023-04-04 21:22:31,161] DEBUG processor/thread_13 Created adversary event for VERTIGO PANDA
[2023-04-04 21:22:31,208] DEBUG processor/thread_6 Created adversary event for BLIND SPIDER
[2023-04-04 21:22:31,222] WARNING pymisp/thread_8 The value of the attribute you're trying to add is an empty string, skipping it. Object relation: alias
[2023-04-04 21:22:31,223] DEBUG processor/thread_8 Created adversary event for VENGEFUL KITTEN
[2023-04-04 21:22:31,253] DEBUG processor/thread_3 Created adversary event for CHAOTIC SPIDER
[2023-04-04 21:22:31,324] DEBUG processor/thread_0 Created adversary event for AQUATIC PANDA
[2023-04-04 21:22:31,429] DEBUG processor/thread_5 Created adversary event for BRAIN SPIDER
[2023-04-04 21:22:31,467] DEBUG processor/thread_9 Created adversary event for AVIATOR SPIDER
[2023-04-04 21:22:31,535] DEBUG processor/thread_11 Created adversary event for FRINGE LEOPARD
[2023-04-04 21:22:31,549] DEBUG processor/thread_12 Created adversary event for HAZY TIGER
[2023-04-04 21:22:31,616] DEBUG processor/thread_14 Created adversary event for MIRAGE TIGER
[2023-04-04 21:22:31,728] DEBUG processor/thread_6 Created adversary event for VETO SPIDER
[2023-04-04 21:22:31,761] WARNING processor/thread_3 Adversary DEMON SPIDER missing field first_activity_date.
[2023-04-04 21:22:31,761] WARNING processor/thread_3 Adversary DEMON SPIDER missing field last_activity_date.
[2023-04-04 21:22:31,762] DEBUG processor/thread_3 Created adversary event for DEMON SPIDER
[2023-04-04 21:22:31,856] DEBUG processor/thread_5 Created adversary event for BANISHED KITTEN
[2023-04-04 21:22:31,994] DEBUG processor/thread_2 Created adversary event for ROYAL SPIDER
[2023-04-04 21:22:32,011] DEBUG processor/thread_9 Created adversary event for BITWISE SPIDER
[2023-04-04 21:22:32,016] WARNING processor/thread_3 Could not add or tag event ADV-203346 DEMON SPIDER (eCrime). Will retry in 0.3 seconds.
day is out of range for month: 0
[2023-04-04 21:22:32,120] DEBUG processor/thread_7 Created adversary event for GOSSAMER BEAR
[2023-04-04 21:22:32,152] DEBUG processor/thread_6 Created adversary event for REGAL JACKAL
[2023-04-04 21:22:32,173] WARNING processor/thread_1 Adversary INTREPID JACKAL missing field first_activity_date.
[2023-04-04 21:22:32,173] WARNING processor/thread_1 Adversary INTREPID JACKAL missing field last_activity_date.
[2023-04-04 21:22:32,174] DEBUG processor/thread_1 Created adversary event for INTREPID JACKAL
[2023-04-04 21:22:32,389] DEBUG processor/thread_2 Created adversary event for OUTRIDER TIGER
[2023-04-04 21:22:32,417] WARNING processor/thread_10 Adversary VAMPIRE SPIDER missing field last_activity_date.
[2023-04-04 21:22:32,425] WARNING pymisp/thread_10 The value of the attribute you're trying to add is an empty string, skipping it. Object relation: alias
[2023-04-04 21:22:32,424] DEBUG processor/thread_3 Created adversary event for NEMESIS KITTEN
[2023-04-04 21:22:32,426] DEBUG processor/thread_10 Created adversary event for VAMPIRE SPIDER
[2023-04-04 21:22:32,431] DEBUG processor/thread_4 Created adversary event for ETHEREAL PANDA
[2023-04-04 21:22:32,607] DEBUG processor/thread_13 Created adversary event for QUANTUM SPIDER
[2023-04-04 21:22:32,657] DEBUG processor/thread_8 Created adversary event for SUNRISE PANDA
[2023-04-04 21:22:32,693] DEBUG processor/thread_9 Created adversary event for HERMIT SPIDER
[2023-04-04 21:22:32,867] DEBUG processor/thread_10 Created adversary event for JACKPOT PANDA
[2023-04-04 21:22:33,724] WARNING processor/thread_1 Could not add or tag event ADV-137920 INTREPID JACKAL (Hacktivist). Will retry in 0.3 seconds.
day is out of range for month: 0
[2023-04-04 21:22:34,424] INFO processor/main Completed import of 55 CrowdStrike adversaries into MISP.
[2023-04-04 21:22:34,424] INFO processor/main Finished importing CrowdStrike Adversaries as events into MISP.
[2023-04-04 21:22:34,425] INFO processor/main Completed import of adversaries into MISP in 6.95 seconds
[ASCII-art banner]
[2023-04-04 21:22:34,426] INFO processor/main Starting import of CrowdStrike Threat Intelligence reports as events (past 365 days).
[2023-04-04 21:22:34,426] INFO processor/main Retrieving all available report types.

packet-rat commented 1 year ago

python3 misp_import.py -f -nb -d -a

[2023-04-05 15:39:21,012] INFO     misp_tools    MISP Import for CrowdStrike Threat Intelligence v0.6.8
[2023-04-05 15:39:21,013] INFO     config  CHECK CONFIG
[2023-04-05 15:39:21,014] DEBUG    config  client_id                                   value redacted, check config file
[2023-04-05 15:39:21,014] DEBUG    config  client_secret                               value redacted, check config file
[2023-04-05 15:39:21,014] DEBUG    config  crowdstrike_url                             US1
[2023-04-05 15:39:21,014] DEBUG    config  api_request_max                             5000
[2023-04-05 15:39:21,014] DEBUG    config  api_enable_ssl                              True
[2023-04-05 15:39:21,014] DEBUG    config  reports_timestamp_filename                  lastReportsUpdate.dat
[2023-04-05 15:39:21,014] DEBUG    config  indicators_timestamp_filename               lastIndicatorsUpdate.dat
[2023-04-05 15:39:21,014] DEBUG    config  actors_timestamp_filename                   lastActorsUpdate.dat
[2023-04-05 15:39:21,014] DEBUG    config  init_reports_days_before                    365
[2023-04-05 15:39:21,014] DEBUG    config  init_indicators_minutes_before              20220
[2023-04-05 15:39:21,014] DEBUG    config  init_actors_days_before                     730
[2023-04-05 15:39:21,014] DEBUG    config  reports_unique_tag                          att:source="Crowdstrike.Report"
[2023-04-05 15:39:21,014] DEBUG    config  indicators_unique_tag                       att:source="Crowdstrike.Indicators"
[2023-04-05 15:39:21,014] DEBUG    config  actors_unique_tag                           att:source="Crowdstrike.Actors"
[2023-04-05 15:39:21,014] DEBUG    config  reports_tags                                att:source="Crowdstrike.Report"
[2023-04-05 15:39:21,014] DEBUG    config  indicators_tags                             att:source="Crowdstrike.Indicators"
[2023-04-05 15:39:21,014] DEBUG    config  actors_tags                                 att:source="Crowdstrike.Actors"
[2023-04-05 15:39:21,014] DEBUG    config  unknown_mapping                             CrowdStrike:indicator:galaxy: UNATTRIBUTED
[2023-04-05 15:39:21,014] DEBUG    config  unattributed_title                          CrowdStrike Unattributed indicators:
[2023-04-05 15:39:21,014] DEBUG    config  indicator_type_title                        Indicator Type:
[2023-04-05 15:39:21,014] DEBUG    config  malware_family_title                        Malware Family:
[2023-04-05 15:39:21,014] DEBUG    config  log_duplicates_as_sightings                 True
[2023-04-05 15:39:21,014] DEBUG    config  misp_url                                    https://3samisp
[2023-04-05 15:39:21,014] DEBUG    config  misp_auth_key                               value redacted, check config file
[2023-04-05 15:39:21,014] DEBUG    config  crowdstrike_org_uuid                        ca4f4b5d-db04-4a5e-a6de-e60636dc01be
[2023-04-05 15:39:21,014] DEBUG    config  misp_enable_ssl                             False
[2023-04-05 15:39:21,014] WARNING  config  misp_enable_ssl                             SSL is disabled for MISP API requests
[2023-04-05 15:39:21,014] DEBUG    config  ind_attribute_batch_size                    2500
[2023-04-05 15:39:21,014] DEBUG    config  event_save_memory_refresh_interval          180
[2023-04-05 15:39:21,014] DEBUG    config  max_threads                                 16
[2023-04-05 15:39:21,015] DEBUG    config  miss_track_file                             no_galaxy_mapping.log
[2023-04-05 15:39:21,015] DEBUG    config  galaxies_map_file                           galaxy.ini
[2023-04-05 15:39:21,015] DEBUG    config  tag_unknown_galaxy_maps                     True
[2023-04-05 15:39:21,015] DEBUG    config  taxonomic_kill-chain                        True
[2023-04-05 15:39:21,015] DEBUG    config  taxonomic_information-security-data-source  True
[2023-04-05 15:39:21,015] DEBUG    config  taxonomic_type                              True
[2023-04-05 15:39:21,015] DEBUG    config  taxonomic_iep                               False
[2023-04-05 15:39:21,015] DEBUG    config  taxonomic_iep2                              True
[2023-04-05 15:39:21,015] DEBUG    config  taxonomic_iep2_version                      False
[2023-04-05 15:39:21,015] DEBUG    config  taxonomic_tlp                               True
[2023-04-05 15:39:21,015] DEBUG    config  taxonomic_workflow                          True
[2023-04-05 15:39:21,597] INFO     config  No configuration errors found (1 warning)
[2023-04-05 15:39:21,597] INFO     config  
[2023-04-05 15:39:21,597] INFO     config  ____ _  _ ____ ____ _  _ ____    ___  ____ ____ ____ ____ ___
[2023-04-05 15:39:21,597] INFO     config  |    |__| |___ |    |_/  [__     |__] |__| [__  [__  |___ |  \
[2023-04-05 15:39:21,597] INFO     config  |___ |  | |___ |___ | \_ ___]    |    |  | ___] ___] |___ |__/
[2023-04-05 15:39:21,597] INFO     config  
[2023-04-05 15:39:22,439] INFO     processor/main       BEGIN ADVERSARIES IMPORT
[2023-04-05 15:39:22,440] INFO     processor/main       Start importing CrowdStrike Adversaries as events into MISP (past 730 days).
[2023-04-05 15:39:22,440] INFO     processor/main       Retrieving all adversaries.
[2023-04-05 15:39:23,565] INFO     processor/main       Got 55 adversaries from the Crowdstrike Intel API.
[2023-04-05 15:39:25,734] WARNING  processor/thread_0   Adversary OCTANE PANDA missing field first_activity_date.
[2023-04-05 15:39:25,759] DEBUG    processor/thread_8   Created adversary event for HIDDEN SPIDER
[2023-04-05 15:39:25,762] DEBUG    processor/thread_7   Created adversary event for OUTBREAK SPIDER
[2023-04-05 15:39:25,766] DEBUG    processor/thread_10  Created adversary event for SCATTERED SPIDER
[2023-04-05 15:39:25,768] DEBUG    processor/thread_3   Created adversary event for SHATTERED PANDA
[2023-04-05 15:39:25,771] DEBUG    processor/thread_9   Created adversary event for SLIPPY SPIDER
[2023-04-05 15:39:25,772] DEBUG    processor/thread_0   Created adversary event for OCTANE PANDA
[2023-04-05 15:39:25,775] DEBUG    processor/thread_5   Created adversary event for ALCHEMIST SPIDER
[2023-04-05 15:39:25,779] DEBUG    processor/thread_12  Created adversary event for SAMBA SPIDER
[2023-04-05 15:39:25,783] DEBUG    processor/thread_6   Created adversary event for COMPASS SPIDER
[2023-04-05 15:39:25,785] DEBUG    processor/thread_11  Created adversary event for HOLIDAY SPIDER
[2023-04-05 15:39:25,788] DEBUG    processor/thread_2   Created adversary event for SPECTRAL KITTEN
[2023-04-05 15:39:25,795] DEBUG    processor/thread_13  Created adversary event for SHINING SPIDER
[2023-04-05 15:39:25,804] DEBUG    processor/thread_14  Created adversary event for CHRONO KITTEN
[2023-04-05 15:39:25,810] DEBUG    processor/thread_4   Created adversary event for CYBORG SPIDER
[2023-04-05 15:39:25,816] DEBUG    processor/thread_15  Created adversary event for HAYWIRE KITTEN
[2023-04-05 15:39:25,821] DEBUG    processor/thread_1   Created adversary event for FERAL SPIDER
[2023-04-05 15:39:26,370] DEBUG    processor/thread_8   Created adversary event for COSMIC WOLF
[2023-04-05 15:39:26,381] DEBUG    processor/thread_10  Created adversary event for PARTISAN JACKAL
[2023-04-05 15:39:26,473] DEBUG    processor/thread_11  Created adversary event for LILY SPIDER
[2023-04-05 15:39:26,651] DEBUG    processor/thread_9   Created adversary event for VAPOR PANDA
[2023-04-05 15:39:26,681] DEBUG    processor/thread_7   Created adversary event for CHARIOT SPIDER
[2023-04-05 15:39:26,907] DEBUG    processor/thread_12  Created adversary event for WANDERING SPIDER
[2023-04-05 15:39:26,916] DEBUG    processor/thread_5   Created adversary event for VICE SPIDER
[2023-04-05 15:39:26,957] DEBUG    processor/thread_1   Created adversary event for ALPHA SPIDER
[2023-04-05 15:39:26,967] DEBUG    processor/thread_11  Created adversary event for RECESS SPIDER
[2023-04-05 15:39:27,132] DEBUG    processor/thread_13  Created adversary event for HIVE SPIDER
[2023-04-05 15:39:27,167] DEBUG    processor/thread_7   Created adversary event for DEADEYE HAWK
[2023-04-05 15:39:27,180] DEBUG    processor/thread_3   Created adversary event for GALACTIC OCELOT
[2023-04-05 15:39:27,217] DEBUG    processor/thread_15  Created adversary event for VERTIGO PANDA
[2023-04-05 15:39:27,335] DEBUG    processor/thread_6   Created adversary event for BLIND SPIDER
[2023-04-05 15:39:27,571] WARNING  pymisp/thread_0      The value of the attribute you're trying to add is an empty string, skipping it. Object relation: alias
[2023-04-05 15:39:27,574] DEBUG    processor/thread_0   Created adversary event for CHAOTIC SPIDER
[2023-04-05 15:39:27,730] DEBUG    processor/thread_4   Created adversary event for AQUATIC PANDA
[2023-04-05 15:39:27,842] DEBUG    processor/thread_5   Created adversary event for BRAIN SPIDER
[2023-04-05 15:39:27,946] DEBUG    processor/thread_6   Created adversary event for AVIATOR SPIDER
[2023-04-05 15:39:27,988] DEBUG    processor/thread_10  Created adversary event for FRINGE LEOPARD
[2023-04-05 15:39:28,109] DEBUG    processor/thread_11  Created adversary event for HAZY TIGER
[2023-04-05 15:39:28,197] DEBUG    processor/thread_12  Created adversary event for MIRAGE TIGER
[2023-04-05 15:39:28,313] DEBUG    processor/thread_13  Created adversary event for VETO SPIDER
[2023-04-05 15:39:28,353] WARNING  processor/thread_0   Adversary DEMON SPIDER missing field first_activity_date.
[2023-04-05 15:39:28,353] WARNING  processor/thread_0   Adversary DEMON SPIDER missing field last_activity_date.
[2023-04-05 15:39:28,354] DEBUG    processor/thread_0   Created adversary event for DEMON SPIDER
[2023-04-05 15:39:28,437] DEBUG    processor/thread_2   Created adversary event for BANISHED KITTEN
[2023-04-05 15:39:28,487] DEBUG    processor/thread_14  Created adversary event for ROYAL SPIDER
[2023-04-05 15:39:28,517] DEBUG    processor/thread_6   Created adversary event for BITWISE SPIDER
[2023-04-05 15:39:28,635] DEBUG    processor/thread_1   Created adversary event for GOSSAMER BEAR
[2023-04-05 15:39:28,665] DEBUG    processor/thread_9   Created adversary event for REGAL JACKAL
[2023-04-05 15:39:28,671] WARNING  processor/thread_0   Could not add or tag event ADV-203346 DEMON SPIDER (eCrime). Will retry in 0.3 seconds.
day is out of range for month: 0
[2023-04-05 15:39:28,704] WARNING  processor/thread_5   Adversary INTREPID JACKAL missing field first_activity_date.
[2023-04-05 15:39:28,704] WARNING  processor/thread_5   Adversary INTREPID JACKAL missing field last_activity_date.
[2023-04-05 15:39:28,705] DEBUG    processor/thread_5   Created adversary event for INTREPID JACKAL
[2023-04-05 15:39:28,797] DEBUG    processor/thread_15  Created adversary event for OUTRIDER TIGER
[2023-04-05 15:39:29,024] WARNING  processor/thread_8   Adversary VAMPIRE SPIDER missing field last_activity_date.
[2023-04-05 15:39:29,025] WARNING  pymisp/thread_8      The value of the attribute you're trying to add is an empty string, skipping it. Object relation: alias
[2023-04-05 15:39:29,035] DEBUG    processor/thread_8   Created adversary event for NEMESIS KITTEN
[2023-04-05 15:39:29,070] DEBUG    processor/thread_0   Created adversary event for ETHEREAL PANDA
[2023-04-05 15:39:29,079] DEBUG    processor/thread_7   Created adversary event for QUANTUM SPIDER
[2023-04-05 15:39:29,397] DEBUG    processor/thread_13  Created adversary event for SUNRISE PANDA
[2023-04-05 15:39:29,734] DEBUG    processor/thread_14  Created adversary event for HERMIT SPIDER
[2023-04-05 15:39:29,775] DEBUG    processor/thread_12  Created adversary event for JACKPOT PANDA
[2023-04-05 15:39:29,863] DEBUG    processor/thread_10  Created adversary event for EMBER BEAR
[2023-04-05 15:39:30,571] WARNING  processor/thread_5   Could not add or tag event ADV-137920 INTREPID JACKAL (Hacktivist). Will retry in 0.3 seconds.
day is out of range for month: 0
Traceback (most recent call last):
  File "misp_import.py", line 377, in <module>
    main()
  File "misp_import.py", line 356, in main
    importer.import_from_crowdstrike(int(settings["CrowdStrike"]["init_reports_days_before"]),
  File "/home/rx118r/src/crowdstrike/MISP-tools-main/cs_misp_import/importer.py", line 303, in import_from_crowdstrike
    self.actors_importer.process_actors(actors_days_before, self.event_ids)
  File "/home/rx118r/src/crowdstrike/MISP-tools-main/cs_misp_import/actors.py", line 153, in process_actors
    if fut.result():
  File "/opt/rh/rh-python38/root/usr/lib64/python3.8/concurrent/futures/_base.py", line 437, in result
    return self.__get_result()
  File "/opt/rh/rh-python38/root/usr/lib64/python3.8/concurrent/futures/_base.py", line 389, in __get_result
    raise self._exception
  File "/opt/rh/rh-python38/root/usr/lib64/python3.8/concurrent/futures/thread.py", line 57, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/home/rx118r/src/crowdstrike/MISP-tools-main/cs_misp_import/actors.py", line 66, in batch_import_actors
    event: MISPEvent = self.create_event_from_actor(act, act_det)
  File "/home/rx118r/src/crowdstrike/MISP-tools-main/cs_misp_import/actors.py", line 372, in create_event_from_actor
    kao.add_tag(f"CrowdStrike:adversary:branch: {actor_branch}")
AttributeError: 'NoneType' object has no attribute 'add_tag'

jshcodes commented 1 year ago

This looks to be a data issue with a couple of the adversaries. We should be able to adjust to handle this on adversary ingest.
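
A triage sketch added here (not part of the thread and not MISP-tools code): it parses the log format shown above, groups the "missing field" warnings by adversary, and links them to the later "Could not add or tag event" failures and the final traceback. The sample is an excerpt copied from the second run; the function names are hypothetical.

```python
import re

# Excerpt copied from the second run posted in this thread (not the full log;
# the traceback is shortened to its first frame and final line).
SAMPLE_LOG = """\
[2023-04-05 15:39:25,734] WARNING  processor/thread_0   Adversary OCTANE PANDA missing field first_activity_date.
[2023-04-05 15:39:25,772] DEBUG    processor/thread_0   Created adversary event for OCTANE PANDA
[2023-04-05 15:39:28,353] WARNING  processor/thread_0   Adversary DEMON SPIDER missing field first_activity_date.
[2023-04-05 15:39:28,353] WARNING  processor/thread_0   Adversary DEMON SPIDER missing field last_activity_date.
[2023-04-05 15:39:28,671] WARNING  processor/thread_0   Could not add or tag event ADV-203346 DEMON SPIDER (eCrime). Will retry in 0.3 seconds.
day is out of range for month: 0
[2023-04-05 15:39:28,704] WARNING  processor/thread_5   Adversary INTREPID JACKAL missing field first_activity_date.
[2023-04-05 15:39:28,704] WARNING  processor/thread_5   Adversary INTREPID JACKAL missing field last_activity_date.
[2023-04-05 15:39:29,024] WARNING  processor/thread_8   Adversary VAMPIRE SPIDER missing field last_activity_date.
[2023-04-05 15:39:30,571] WARNING  processor/thread_5   Could not add or tag event ADV-137920 INTREPID JACKAL (Hacktivist). Will retry in 0.3 seconds.
day is out of range for month: 0
Traceback (most recent call last):
  File "misp_import.py", line 377, in <module>
    main()
AttributeError: 'NoneType' object has no attribute 'add_tag'
"""

ENTRY = re.compile(r"^\[(?P<ts>[^\]]+)\]\s+(?P<level>[A-Z]+)\s+(?P<source>\S+)\s+(?P<msg>.*)$")
MISSING = re.compile(r"^Adversary (?P<name>.+?) missing field (?P<field>\w+)\.$")
FAILED = re.compile(r"^Could not add or tag event (?P<event>ADV-\d+) (?P<name>.+?) \((?P<kind>[^)]+)\)\.")


def parse_entries(text):
    """Split the log into timestamped entries, attaching untimestamped
    continuation lines (the exception text) to the entry before them.
    A Python traceback is kept as its own pseudo-entry."""
    entries = []
    for line in text.splitlines():
        if not line.strip():
            continue
        m = ENTRY.match(line)
        if m:
            entries.append({**m.groupdict(), "detail": []})
        elif line.startswith("Traceback (most recent call last):"):
            entries.append({"ts": None, "level": "TRACEBACK", "source": None,
                            "msg": line, "detail": []})
        elif entries:
            entries[-1]["detail"].append(line.strip())
    return entries


def triage(entries):
    """Group warnings by adversary: which fields were missing, and whether
    the event later failed to be added or tagged (and with what error)."""
    actors = {}
    for e in entries:
        if e["level"] != "WARNING":
            continue
        miss, fail = MISSING.match(e["msg"]), FAILED.match(e["msg"])
        if not (miss or fail):
            continue  # e.g. the pymisp empty-alias warning names no adversary
        name = (miss or fail)["name"]
        rec = actors.setdefault(name, {"missing": set(), "failed": False,
                                       "event": None, "error": None})
        if miss:
            rec["missing"].add(miss["field"])
        else:
            rec.update(failed=True, event=fail["event"],
                       error=" ".join(e["detail"]) or None)
    return actors


def fatal_exception(entries):
    """Return the final line of the last traceback, or None if the run survived."""
    for e in reversed(entries):
        if e["level"] == "TRACEBACK" and e["detail"]:
            return e["detail"][-1]
    return None


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    for name, rec in sorted(triage(parsed).items()):
        status = f"FAILED {rec['event']}: {rec['error']}" if rec["failed"] else "imported"
        print(f"{name:16} missing={sorted(rec['missing'])} -> {status}")
    print("fatal:", fatal_exception(parsed))
```

On this excerpt the two adversaries that fail to import are the two that lack both date fields, while the ones missing a single field have no failure logged.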