cti-ATT-CK-v13.1/enterprise-attack/relationship/relationship--0051db4d-9eb9-4b22-93a5-b6593176da75.json

{
    "type": "bundle",
    "id": "bundle--15fff596-7d71-4524-946f-ac1576cef1cb",
    "spec_version": "2.0",
    "objects": [
        {
            "type": "relationship",
            "id": "relationship--0051db4d-9eb9-4b22-93a5-b6593176da75",
            "created": "2023-01-03T20:25:02.218Z",
            "revoked": false,
            "external_references": [
                {
                    "source_name": "Mandiant APT41",
                    "description": "Rufus Brown, Van Ta, Douglas Bienstock, Geoff Ackerman, John Wolfram. (2022, March 8). Does This Look Infected? A Summary of APT41 Targeting U.S. State Governments. Retrieved July 8, 2022.",
                    "url": "https://www.mandiant.com/resources/apt41-us-state-governments"
                }
            ],
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
            "modified": "2023-01-03T20:25:02.218Z",
            "description": "[DEADEYE](https://attack.mitre.org/software/S1052) has encrypted its payload.(Citation: Mandiant APT41)",
            "relationship_type": "uses",
            "source_ref": "malware--c46eb8e6-bf29-4696-8008-3ddb0b4ca470",
            "target_ref": "attack-pattern--b3d682b6-98f2-4fb0-aa3b-b4df007ca70a",
            "x_mitre_deprecated": false,
            "x_mitre_version": "0.1",
            "x_mitre_attack_spec_version": "3.1.0",
            "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5"
        }
    ]
}