{
  "sha256": "a1b2c3d4a1b2c3d4a1b2c3d4a1b2c3d4a1b2c3d4a1b2c3d4a1b2c3d4a1b2c3d4",
  "md5": "a1b2c3d4a1b2c3d4a1b2c3d4a1b2c3d4",
  "sha1": "a1b2c3d4a1b2c3d4a1b2c3d4a1b2c3d4a1b2c3d4",
  "file_name": "update.exe",
  "file_type": "PE32 executable",
  "date_shared": "2025-07-14",
  "threat_actor": "Sandworm",
  "nation_state": "North Korea",
  "malware_family": "BlackEnergy",
  "malware_type": "Rootkit",
  "virustotal_url": "https://www.cybercom.mil/Media/News/Article/3456789/",
  "advisory_url": "https://www.cybercom.mil/Media/News/Article/3456789/",
  "iocs": [
    {
      "type": "Registry Key",
      "value": "sample-value"
    }
  ]
}