{
  "type": "URL",
  "indicator": "https://www.angusj.com/resourcehacker/",
  "general": {
    "sections": [
      "general",
      "url_list",
      "http_scans",
      "screenshot"
    ],
    "indicator": "https://www.angusj.com/resourcehacker/",
    "type": "url",
    "type_title": "URL",
    "validation": [
      {
        "source": "majestic",
        "message": "Whitelisted domain angusj.com",
        "name": "Whitelisted domain"
      }
    ],
    "base_indicator": {
      "id": 4160769206,
      "indicator": "https://www.angusj.com/resourcehacker/",
      "type": "URL",
      "title": "",
      "description": "",
      "content": "",
      "access_type": "public",
      "access_reason": ""
    },
    "pulse_info": {
      "count": 3,
      "pulses": [
        {
          "id": "69ba529d0fc1ac3cc2eff12c",
          "name": "Redline Freddy Bear Dropper VECT Ransomware UAlberta - 03.18.26",
          "description": "YARAify scan results for a file related to Toolkit V12.5\n\nOffice of DOS staff inserted a USB device into an office device during a Google Meet call with the CISO // dosdean@ualberta.ca & ciso@ualberta.ca",
          "modified": "2026-04-17T07:28:22.645000",
          "created": "2026-03-18T07:22:02.571000",
          "tags": [
            "abuse.ch",
            "yara",
            "scan",
            "engine",
            "create hunting",
            "repository",
            "alert create",
            "description",
            "rule name",
            "results static",
            "analysis",
            "borland alert",
            "powershell",
            "ascii",
            "freddy bear",
            "white",
            "clamav",
            "yaraify yara",
            "scan hunting",
            "alerts access",
            "data search",
            "login yaraify",
            "task results",
            "first",
            "cookie",
            "yaraify",
            "yara task",
            "results yara",
            "data yarahub",
            "search faq",
            "login",
            "html help",
            "javascript",
            "dfir report",
            "macho",
            "vect",
            "unicode",
            "justin cornwell",
            "mustafa bakhit",
            "sandbox",
            "malware",
            "online",
            "submit",
            "vxstream",
            "sample",
            "download",
            "trojan",
            "apt",
            "hybrid analysis",
            "api key",
            "vetting process",
            "please note",
            "please"
          ],
          "references": [
            "https://yaraify.abuse.ch/scan/results/4db6751a-2277-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/bb58c8a9-228d-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/0edce75a-228e-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/c3cd1dbb-228e-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/9a5548b3-228f-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/d597f489-2292-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/a42bfcdd-2293-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/a86a3a00-2294-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/f86c1139-2294-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/16e0f40a-2295-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/5508ae12-2295-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/bc11b5e4-2295-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/2033bd1a-2296-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/bd6a6dfe-2296-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/f2a2b769-2296-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/3b706943-2297-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/cf2089a7-2297-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/0ec28d11-2298-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/68b5d4be-2298-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/fa8a27cd-2298-11f1-b47f-42010aa4000b",
            "https://yaraify.abuse.ch/scan/results/40685488-2299-11f1-b47f-42010aa4000b",
            "http://hybrid-analysis.com/file-collection/69ba508bac4e118e370079f8",
            "https://www.virustotal.com/graph/embed/gaf919e37349d496b93abeaec34327c32dc95aeda490c4575a3f6688da504a2f6?theme=dark",
            "https://www.virustotal.com/gui/collection/0b82c99e24339dfb6ff24461e24f4954d1a1d94d4a3c040169cb689cc6bb4c1d/iocs",
            "https://www.virustotal.com/gui/collection/0b82c99e24339dfb6ff24461e24f4954d1a1d94d4a3c040169cb689cc6bb4c1d"
          ],
          "public": 1,
          "adversary": "",
          "targeted_countries": [
            "Canada"
          ],
          "malware_families": [
            {
              "id": "Freddy Bear",
              "display_name": "Freddy Bear",
              "target": null
            },
            {
              "id": "VECT",
              "display_name": "VECT",
              "target": null
            },
            {
              "id": "PWS:MSIL/RedLine",
              "display_name": "PWS:MSIL/RedLine",
              "target": "/malware/PWS:MSIL/RedLine"
            },
            {
              "id": "ALF:Trojan:MSIL/Redline",
              "display_name": "ALF:Trojan:MSIL/Redline",
              "target": null
            },
            {
              "id": "ALF:Trojan:Win64/CobaltStrikeBeacon",
              "display_name": "ALF:Trojan:Win64/CobaltStrikeBeacon",
              "target": null
            }
          ],
          "attack_ids": [],
          "industries": [
            "Education"
          ],
          "TLP": "white",
          "cloned_from": null,
          "export_count": 0,
          "upvotes_count": 0,
          "downvotes_count": 0,
          "votes_count": 0,
          "locked": false,
          "pulse_source": "web",
          "validator_count": 0,
          "comment_count": 0,
          "follower_count": 0,
          "vote": 0,
          "author": {
            "username": "UCP_GoA23",
            "id": "382539",
            "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_382539/resized/80/avatar_3b9c358f36.png",
            "is_subscribed": false,
            "is_following": false
          },
          "indicator_type_counts": {
            "FileHash-MD5": 116,
            "FileHash-SHA1": 110,
            "FileHash-SHA256": 490,
            "URL": 21,
            "domain": 180,
            "email": 2,
            "hostname": 320
          },
          "indicator_count": 1239,
          "is_author": false,
          "is_subscribing": null,
          "subscriber_count": 18,
          "modified_text": "44 days ago ",
          "is_modified": true,
          "groups": [],
          "in_group": false,
          "threat_hunter_scannable": true,
          "threat_hunter_has_agents": 1,
          "related_indicator_type": "URL",
          "related_indicator_is_active": 1
        },
        {
          "id": "693ac21225c36da419dbd4f1",
          "name": "EbeeDec2025 Pt2",
          "description": "Multiple APT/threat actors, malware families and campaigns",
          "modified": "2026-01-10T13:01:53.320000",
          "created": "2025-12-11T13:07:30.549000",
          "tags": [
            "filehashsha256",
            "filehashsha1",
            "filehashmd5",
            "filename",
            "cve20251338 cve",
            "bitcoinaddress"
          ],
          "references": [
            "Book1.csv"
          ],
          "public": 1,
          "adversary": "ShanyaUDPGangster, CastleRAT, StreamSpy, FvncBot, Multi-Stage Attack Chain using malicious VSCode Ex",
          "targeted_countries": [],
          "malware_families": [],
          "attack_ids": [],
          "industries": [],
          "TLP": "white",
          "cloned_from": null,
          "export_count": 3,
          "upvotes_count": 0,
          "downvotes_count": 0,
          "votes_count": 0,
          "locked": false,
          "pulse_source": "web",
          "validator_count": 0,
          "comment_count": 0,
          "follower_count": 0,
          "vote": 0,
          "author": {
            "username": "IMEBEEIMFINE",
            "id": "343873",
            "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png",
            "is_subscribed": false,
            "is_following": false
          },
          "indicator_type_counts": {
            "URL": 95,
            "hostname": 42,
            "CIDR": 1,
            "CVE": 2,
            "FileHash-MD5": 193,
            "FileHash-SHA1": 230,
            "FileHash-SHA256": 224,
            "domain": 99,
            "email": 1
          },
          "indicator_count": 887,
          "is_author": false,
          "is_subscribing": null,
          "subscriber_count": 39,
          "modified_text": "141 days ago ",
          "is_modified": true,
          "groups": [],
          "in_group": false,
          "threat_hunter_scannable": true,
          "threat_hunter_has_agents": 1,
          "related_indicator_type": "URL",
          "related_indicator_is_active": 1
        },
        {
          "id": "693a8d6c8dcd900a702ea750",
          "name": "Cracking ValleyRAT: From Builder Secrets to Kernel Rootkits",
          "description": "Check Point Research conducted a thorough technical analysis of the ValleyRAT malware, also referred to as Winos or Winos4.0. The research primarily focuses on ValleyRAT's sophisticated modular architecture and plugin system, revealing significant insights into its potentially broad deployment following the public release of its builder. This malware notably includes a kernel-mode rootkit within its \u201cDriver Plugin,\u201d which retains valid signatures that allow it to operate on updated Windows 11 systems, thereby circumventing native security features.",
          "modified": "2025-12-11T09:22:52.119000",
          "created": "2025-12-11T09:22:52.119000",
          "tags": [
            "valleyrat",
            "labc",
            "corporationc",
            "windows",
            "hidden rootkit",
            "driver plugin",
            "silver fox",
            "plugin",
            "studio",
            "lief",
            "stealth",
            "rootkit",
            "june",
            "virustotal",
            "extractor",
            "keylogger",
            "telegram",
            "enumerate",
            "trigger",
            "shellcode",
            "into"
          ],
          "references": [
            "https://research.checkpoint.com/2025/cracking-valleyrat-from-builder-secrets-to-kernel-rootkits/"
          ],
          "public": 1,
          "adversary": "",
          "targeted_countries": [],
          "malware_families": [],
          "attack_ids": [
            {
              "id": "T1114",
              "name": "Email Collection",
              "display_name": "T1114 - Email Collection"
            },
            {
              "id": "T1055.004",
              "name": "Asynchronous Procedure Call",
              "display_name": "T1055.004 - Asynchronous Procedure Call"
            },
            {
              "id": "T1056.001",
              "name": "Keylogging",
              "display_name": "T1056.001 - Keylogging"
            },
            {
              "id": "T1106",
              "name": "Native API",
              "display_name": "T1106 - Native API"
            },
            {
              "id": "T1112",
              "name": "Modify Registry",
              "display_name": "T1112 - Modify Registry"
            },
            {
              "id": "T1547.006",
              "name": "Kernel Modules and Extensions",
              "display_name": "T1547.006 - Kernel Modules and Extensions"
            },
            {
              "id": "T1562.001",
              "name": "Disable or Modify Tools",
              "display_name": "T1562.001 - Disable or Modify Tools"
            }
          ],
          "industries": [
            "Entertainment"
          ],
          "TLP": "green",
          "cloned_from": null,
          "export_count": 4,
          "upvotes_count": 0,
          "downvotes_count": 0,
          "votes_count": 0,
          "locked": false,
          "pulse_source": "web",
          "validator_count": 0,
          "comment_count": 0,
          "follower_count": 0,
          "vote": 0,
          "author": {
            "username": "PetrP.73",
            "id": "154605",
            "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png",
            "is_subscribed": false,
            "is_following": false
          },
          "indicator_type_counts": {
            "FileHash-MD5": 39,
            "FileHash-SHA1": 39,
            "FileHash-SHA256": 39,
            "URL": 3,
            "domain": 2,
            "hostname": 2
          },
          "indicator_count": 124,
          "is_author": false,
          "is_subscribing": null,
          "subscriber_count": 539,
          "modified_text": "171 days ago ",
          "is_modified": false,
          "groups": [],
          "in_group": false,
          "threat_hunter_scannable": true,
          "threat_hunter_has_agents": 1,
          "related_indicator_type": "URL",
          "related_indicator_is_active": 1
        }
      ],
      "references": [
        "https://yaraify.abuse.ch/scan/results/c3cd1dbb-228e-11f1-b47f-42010aa4000b",
        "Book1.csv",
        "https://yaraify.abuse.ch/scan/results/bb58c8a9-228d-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/cf2089a7-2297-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/16e0f40a-2295-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/bc11b5e4-2295-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/68b5d4be-2298-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/f2a2b769-2296-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/bd6a6dfe-2296-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/0ec28d11-2298-11f1-b47f-42010aa4000b",
        "https://www.virustotal.com/gui/collection/0b82c99e24339dfb6ff24461e24f4954d1a1d94d4a3c040169cb689cc6bb4c1d/iocs",
        "https://yaraify.abuse.ch/scan/results/9a5548b3-228f-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/4db6751a-2277-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/a86a3a00-2294-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/40685488-2299-11f1-b47f-42010aa4000b",
        "https://research.checkpoint.com/2025/cracking-valleyrat-from-builder-secrets-to-kernel-rootkits/",
        "https://yaraify.abuse.ch/scan/results/5508ae12-2295-11f1-b47f-42010aa4000b",
        "https://www.virustotal.com/gui/collection/0b82c99e24339dfb6ff24461e24f4954d1a1d94d4a3c040169cb689cc6bb4c1d",
        "https://yaraify.abuse.ch/scan/results/f86c1139-2294-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/d597f489-2292-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/0edce75a-228e-11f1-b47f-42010aa4000b",
        "https://www.virustotal.com/graph/embed/gaf919e37349d496b93abeaec34327c32dc95aeda490c4575a3f6688da504a2f6?theme=dark",
        "https://yaraify.abuse.ch/scan/results/3b706943-2297-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/2033bd1a-2296-11f1-b47f-42010aa4000b",
        "http://hybrid-analysis.com/file-collection/69ba508bac4e118e370079f8",
        "https://yaraify.abuse.ch/scan/results/fa8a27cd-2298-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/a42bfcdd-2293-11f1-b47f-42010aa4000b"
      ],
      "related": {
        "alienvault": {
          "adversary": [],
          "malware_families": [],
          "industries": [],
          "unique_indicators": 0
        },
        "other": {
          "adversary": [
            "ShanyaUDPGangster, CastleRAT, StreamSpy, FvncBot, Multi-Stage Attack Chain using malicious VSCode Ex"
          ],
          "malware_families": [
            "Alf:trojan:win64/cobaltstrikebeacon",
            "Alf:trojan:msil/redline",
            "Freddy bear",
            "Vect",
            "Pws:msil/redline"
          ],
          "industries": [
            "Education",
            "Entertainment"
          ],
          "unique_indicators": 2281
        }
      }
    },
    "false_positive": [],
    "alexa": "http://www.alexa.com/siteinfo/angusj.com",
    "whois": "http://whois.domaintools.com/angusj.com",
    "domain": "angusj.com",
    "hostname": "www.angusj.com"
  },
  "geo": {},
  "geo_ipapicom": {},
  "pulse_count": 3,
  "pulses": [
    {
      "id": "69ba529d0fc1ac3cc2eff12c",
      "name": "Redline Freddy Bear Dropper VECT Ransomware UAlberta - 03.18.26",
      "description": "YARAify scan results for a file related to Toolkit V12.5\n\nOffice of DOS staff inserted a USB device into an office device during a Google Meet call with the CISO // dosdean@ualberta.ca & ciso@ualberta.ca",
      "modified": "2026-04-17T07:28:22.645000",
      "created": "2026-03-18T07:22:02.571000",
      "tags": [
        "abuse.ch",
        "yara",
        "scan",
        "engine",
        "create hunting",
        "repository",
        "alert create",
        "description",
        "rule name",
        "results static",
        "analysis",
        "borland alert",
        "powershell",
        "ascii",
        "freddy bear",
        "white",
        "clamav",
        "yaraify yara",
        "scan hunting",
        "alerts access",
        "data search",
        "login yaraify",
        "task results",
        "first",
        "cookie",
        "yaraify",
        "yara task",
        "results yara",
        "data yarahub",
        "search faq",
        "login",
        "html help",
        "javascript",
        "dfir report",
        "macho",
        "vect",
        "unicode",
        "justin cornwell",
        "mustafa bakhit",
        "sandbox",
        "malware",
        "online",
        "submit",
        "vxstream",
        "sample",
        "download",
        "trojan",
        "apt",
        "hybrid analysis",
        "api key",
        "vetting process",
        "please note",
        "please"
      ],
      "references": [
        "https://yaraify.abuse.ch/scan/results/4db6751a-2277-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/bb58c8a9-228d-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/0edce75a-228e-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/c3cd1dbb-228e-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/9a5548b3-228f-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/d597f489-2292-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/a42bfcdd-2293-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/a86a3a00-2294-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/f86c1139-2294-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/16e0f40a-2295-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/5508ae12-2295-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/bc11b5e4-2295-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/2033bd1a-2296-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/bd6a6dfe-2296-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/f2a2b769-2296-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/3b706943-2297-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/cf2089a7-2297-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/0ec28d11-2298-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/68b5d4be-2298-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/fa8a27cd-2298-11f1-b47f-42010aa4000b",
        "https://yaraify.abuse.ch/scan/results/40685488-2299-11f1-b47f-42010aa4000b",
        "http://hybrid-analysis.com/file-collection/69ba508bac4e118e370079f8",
        "https://www.virustotal.com/graph/embed/gaf919e37349d496b93abeaec34327c32dc95aeda490c4575a3f6688da504a2f6?theme=dark",
        "https://www.virustotal.com/gui/collection/0b82c99e24339dfb6ff24461e24f4954d1a1d94d4a3c040169cb689cc6bb4c1d/iocs",
        "https://www.virustotal.com/gui/collection/0b82c99e24339dfb6ff24461e24f4954d1a1d94d4a3c040169cb689cc6bb4c1d"
      ],
      "public": 1,
      "adversary": "",
      "targeted_countries": [
        "Canada"
      ],
      "malware_families": [
        {
          "id": "Freddy Bear",
          "display_name": "Freddy Bear",
          "target": null
        },
        {
          "id": "VECT",
          "display_name": "VECT",
          "target": null
        },
        {
          "id": "PWS:MSIL/RedLine",
          "display_name": "PWS:MSIL/RedLine",
          "target": "/malware/PWS:MSIL/RedLine"
        },
        {
          "id": "ALF:Trojan:MSIL/Redline",
          "display_name": "ALF:Trojan:MSIL/Redline",
          "target": null
        },
        {
          "id": "ALF:Trojan:Win64/CobaltStrikeBeacon",
          "display_name": "ALF:Trojan:Win64/CobaltStrikeBeacon",
          "target": null
        }
      ],
      "attack_ids": [],
      "industries": [
        "Education"
      ],
      "TLP": "white",
      "cloned_from": null,
      "export_count": 0,
      "upvotes_count": 0,
      "downvotes_count": 0,
      "votes_count": 0,
      "locked": false,
      "pulse_source": "web",
      "validator_count": 0,
      "comment_count": 0,
      "follower_count": 0,
      "vote": 0,
      "author": {
        "username": "UCP_GoA23",
        "id": "382539",
        "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_382539/resized/80/avatar_3b9c358f36.png",
        "is_subscribed": false,
        "is_following": false
      },
      "indicator_type_counts": {
        "FileHash-MD5": 116,
        "FileHash-SHA1": 110,
        "FileHash-SHA256": 490,
        "URL": 21,
        "domain": 180,
        "email": 2,
        "hostname": 320
      },
      "indicator_count": 1239,
      "is_author": false,
      "is_subscribing": null,
      "subscriber_count": 18,
      "modified_text": "44 days ago ",
      "is_modified": true,
      "groups": [],
      "in_group": false,
      "threat_hunter_scannable": true,
      "threat_hunter_has_agents": 1,
      "related_indicator_type": "URL",
      "related_indicator_is_active": 1
    },
    {
      "id": "693ac21225c36da419dbd4f1",
      "name": "EbeeDec2025 Pt2",
      "description": "Multiple APT/threat actors, malware families and campaigns",
      "modified": "2026-01-10T13:01:53.320000",
      "created": "2025-12-11T13:07:30.549000",
      "tags": [
        "filehashsha256",
        "filehashsha1",
        "filehashmd5",
        "filename",
        "cve20251338 cve",
        "bitcoinaddress"
      ],
      "references": [
        "Book1.csv"
      ],
      "public": 1,
      "adversary": "ShanyaUDPGangster, CastleRAT, StreamSpy, FvncBot, Multi-Stage Attack Chain using malicious VSCode Ex",
      "targeted_countries": [],
      "malware_families": [],
      "attack_ids": [],
      "industries": [],
      "TLP": "white",
      "cloned_from": null,
      "export_count": 3,
      "upvotes_count": 0,
      "downvotes_count": 0,
      "votes_count": 0,
      "locked": false,
      "pulse_source": "web",
      "validator_count": 0,
      "comment_count": 0,
      "follower_count": 0,
      "vote": 0,
      "author": {
        "username": "IMEBEEIMFINE",
        "id": "343873",
        "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png",
        "is_subscribed": false,
        "is_following": false
      },
      "indicator_type_counts": {
        "URL": 95,
        "hostname": 42,
        "CIDR": 1,
        "CVE": 2,
        "FileHash-MD5": 193,
        "FileHash-SHA1": 230,
        "FileHash-SHA256": 224,
        "domain": 99,
        "email": 1
      },
      "indicator_count": 887,
      "is_author": false,
      "is_subscribing": null,
      "subscriber_count": 39,
      "modified_text": "141 days ago ",
      "is_modified": true,
      "groups": [],
      "in_group": false,
      "threat_hunter_scannable": true,
      "threat_hunter_has_agents": 1,
      "related_indicator_type": "URL",
      "related_indicator_is_active": 1
    },
    {
      "id": "693a8d6c8dcd900a702ea750",
      "name": "Cracking ValleyRAT: From Builder Secrets to Kernel Rootkits",
      "description": "Check Point Research conducted a thorough technical analysis of the ValleyRAT malware, also referred to as Winos or Winos4.0. The research primarily focuses on ValleyRAT's sophisticated modular architecture and plugin system, revealing significant insights into its potentially broad deployment following the public release of its builder. This malware notably includes a kernel-mode rootkit within its \u201cDriver Plugin,\u201d which retains valid signatures that allow it to operate on updated Windows 11 systems, thereby circumventing native security features.",
      "modified": "2025-12-11T09:22:52.119000",
      "created": "2025-12-11T09:22:52.119000",
      "tags": [
        "valleyrat",
        "labc",
        "corporationc",
        "windows",
        "hidden rootkit",
        "driver plugin",
        "silver fox",
        "plugin",
        "studio",
        "lief",
        "stealth",
        "rootkit",
        "june",
        "virustotal",
        "extractor",
        "keylogger",
        "telegram",
        "enumerate",
        "trigger",
        "shellcode",
        "into"
      ],
      "references": [
        "https://research.checkpoint.com/2025/cracking-valleyrat-from-builder-secrets-to-kernel-rootkits/"
      ],
      "public": 1,
      "adversary": "",
      "targeted_countries": [],
      "malware_families": [],
      "attack_ids": [
        {
          "id": "T1114",
          "name": "Email Collection",
          "display_name": "T1114 - Email Collection"
        },
        {
          "id": "T1055.004",
          "name": "Asynchronous Procedure Call",
          "display_name": "T1055.004 - Asynchronous Procedure Call"
        },
        {
          "id": "T1056.001",
          "name": "Keylogging",
          "display_name": "T1056.001 - Keylogging"
        },
        {
          "id": "T1106",
          "name": "Native API",
          "display_name": "T1106 - Native API"
        },
        {
          "id": "T1112",
          "name": "Modify Registry",
          "display_name": "T1112 - Modify Registry"
        },
        {
          "id": "T1547.006",
          "name": "Kernel Modules and Extensions",
          "display_name": "T1547.006 - Kernel Modules and Extensions"
        },
        {
          "id": "T1562.001",
          "name": "Disable or Modify Tools",
          "display_name": "T1562.001 - Disable or Modify Tools"
        }
      ],
      "industries": [
        "Entertainment"
      ],
      "TLP": "green",
      "cloned_from": null,
      "export_count": 4,
      "upvotes_count": 0,
      "downvotes_count": 0,
      "votes_count": 0,
      "locked": false,
      "pulse_source": "web",
      "validator_count": 0,
      "comment_count": 0,
      "follower_count": 0,
      "vote": 0,
      "author": {
        "username": "PetrP.73",
        "id": "154605",
        "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png",
        "is_subscribed": false,
        "is_following": false
      },
      "indicator_type_counts": {
        "FileHash-MD5": 39,
        "FileHash-SHA1": 39,
        "FileHash-SHA256": 39,
        "URL": 3,
        "domain": 2,
        "hostname": 2
      },
      "indicator_count": 124,
      "is_author": false,
      "is_subscribing": null,
      "subscriber_count": 539,
      "modified_text": "171 days ago ",
      "is_modified": false,
      "groups": [],
      "in_group": false,
      "threat_hunter_scannable": true,
      "threat_hunter_has_agents": 1,
      "related_indicator_type": "URL",
      "related_indicator_is_active": 1
    }
  ],
  "error": null,
  "vt": {
    "error": "VirusTotal rate limit reached. Try again shortly.",
    "indicator": "https://www.angusj.com/resourcehacker/",
    "type": "URL"
  },
  "abuseipdb": null,
  "urlhaus": {
    "indicator": "https://www.angusj.com/resourcehacker/",
    "type": "URL",
    "found": false,
    "verdict": "clean",
    "error": null
  },
  "from_cache": true,
  "_cached_at": 1780249239.5758536
}