|
These ATT&CK Navigator layer files can be uploaded to ATT&CK Navigator manually.
This JSON file contains the machine readble output used to create this page: changelog.json
Current version: 1.1
Version changed from: 1.0 → 1.1
Old Description | New Description | ||||
---|---|---|---|---|---|
t | 1 | Adversaries may create accounts with cloud providers that ca | t | 1 | Adversaries may create accounts with cloud providers that ca |
> | n be used during targeting. Adversaries can use cloud accoun | > | n be used during targeting. Adversaries can use cloud accoun | ||
> | ts to further their operations, including leveraging cloud s | > | ts to further their operations, including leveraging cloud s | ||
> | torage services such as Dropbox, Microsoft OneDrive, or AWS | > | torage services such as Dropbox, MEGA, Microsoft OneDrive, o | ||
> | S3 buckets for [Exfiltration to Cloud Storage](https://attac | > | r AWS S3 buckets for [Exfiltration to Cloud Storage](https:/ | ||
> | k.mitre.org/techniques/T1567/002) or to [Upload Tool](https: | > | /attack.mitre.org/techniques/T1567/002) or to [Upload Tool]( | ||
> | //attack.mitre.org/techniques/T1608/002)s. Cloud accounts ca | > | https://attack.mitre.org/techniques/T1608/002)s. Cloud accou | ||
> | n also be used in the acquisition of infrastructure, such as | > | nts can also be used in the acquisition of infrastructure, s | ||
> | [Virtual Private Server](https://attack.mitre.org/technique | > | uch as [Virtual Private Server](https://attack.mitre.org/tec | ||
> | s/T1583/003)s or [Serverless](https://attack.mitre.org/techn | > | hniques/T1583/003)s or [Serverless](https://attack.mitre.org | ||
> | iques/T1583/007) infrastructure. Establishing cloud accounts | > | /techniques/T1583/007) infrastructure. Establishing cloud ac | ||
> | may allow adversaries to develop sophisticated capabilities | > | counts may allow adversaries to develop sophisticated capabi | ||
> | without managing their own servers.(Citation: Awake Securit | > | lities without managing their own servers.(Citation: Awake S | ||
> | y C2 Cloud) Creating [Cloud Accounts](https://attack.mitre. | > | ecurity C2 Cloud) Creating [Cloud Accounts](https://attack. | ||
> | org/techniques/T1585/003) may also require adversaries to es | > | mitre.org/techniques/T1585/003) may also require adversaries | ||
> | tablish [Email Accounts](https://attack.mitre.org/techniques | > | to establish [Email Accounts](https://attack.mitre.org/tech | ||
> | /T1585/002) to register with the cloud provider. | > | niques/T1585/002) to register with the cloud provider. |
STIX Field | Old value | New Value |
---|---|---|
modified | 2022-10-21 14:20:59.175000+00:00 | 2022-10-25 15:49:14.785000+00:00 |
description | Adversaries may create accounts with cloud providers that can be used during targeting. Adversaries can use cloud accounts to further their operations, including leveraging cloud storage services such as Dropbox, Microsoft OneDrive, or AWS S3 buckets for [Exfiltration to Cloud Storage](https://attack.mitre.org/techniques/T1567/002) or to [Upload Tool](https://attack.mitre.org/techniques/T1608/002)s. Cloud accounts can also be used in the acquisition of infrastructure, such as [Virtual Private Server](https://attack.mitre.org/techniques/T1583/003)s or [Serverless](https://attack.mitre.org/techniques/T1583/007) infrastructure. Establishing cloud accounts may allow adversaries to develop sophisticated capabilities without managing their own servers.(Citation: Awake Security C2 Cloud) Creating [Cloud Accounts](https://attack.mitre.org/techniques/T1585/003) may also require adversaries to establish [Email Accounts](https://attack.mitre.org/techniques/T1585/002) to register with the cloud provider. | Adversaries may create accounts with cloud providers that can be used during targeting. Adversaries can use cloud accounts to further their operations, including leveraging cloud storage services such as Dropbox, MEGA, Microsoft OneDrive, or AWS S3 buckets for [Exfiltration to Cloud Storage](https://attack.mitre.org/techniques/T1567/002) or to [Upload Tool](https://attack.mitre.org/techniques/T1608/002)s. Cloud accounts can also be used in the acquisition of infrastructure, such as [Virtual Private Server](https://attack.mitre.org/techniques/T1583/003)s or [Serverless](https://attack.mitre.org/techniques/T1583/007) infrastructure. Establishing cloud accounts may allow adversaries to develop sophisticated capabilities without managing their own servers.(Citation: Awake Security C2 Cloud) Creating [Cloud Accounts](https://attack.mitre.org/techniques/T1585/003) may also require adversaries to establish [Email Accounts](https://attack.mitre.org/techniques/T1585/002) to register with the cloud provider. |
x_mitre_attack_spec_version | 2.1.0 | 3.0.0 |
x_mitre_version | 1.0 | 1.1 |
Current version: 1.4
Version changed from: 1.3 → 1.4
Old Description | New Description | ||||
---|---|---|---|---|---|
t | 1 | By responding to LLMNR/NBT-NS network traffic, adversaries m | t | 1 | By responding to LLMNR/NBT-NS network traffic, adversaries m |
> | ay spoof an authoritative source for name resolution to forc | > | ay spoof an authoritative source for name resolution to forc | ||
> | e communication with an adversary controlled system. This ac | > | e communication with an adversary controlled system. This ac | ||
> | tivity may be used to collect or relay authentication materi | > | tivity may be used to collect or relay authentication materi | ||
> | als. Link-Local Multicast Name Resolution (LLMNR) and NetB | > | als. Link-Local Multicast Name Resolution (LLMNR) and NetB | ||
> | IOS Name Service (NBT-NS) are Microsoft Windows components t | > | IOS Name Service (NBT-NS) are Microsoft Windows components t | ||
> | hat serve as alternate methods of host identification. LLMNR | > | hat serve as alternate methods of host identification. LLMNR | ||
> | is based upon the Domain Name System (DNS) format and allow | > | is based upon the Domain Name System (DNS) format and allow | ||
> | s hosts on the same local link to perform name resolution fo | > | s hosts on the same local link to perform name resolution fo | ||
> | r other hosts. NBT-NS identifies systems on a local network | > | r other hosts. NBT-NS identifies systems on a local network | ||
> | by their NetBIOS name. (Citation: Wikipedia LLMNR)(Citation: | > | by their NetBIOS name. (Citation: Wikipedia LLMNR)(Citation: | ||
> | TechNet NetBIOS) Adversaries can spoof an authoritative so | > | TechNet NetBIOS) Adversaries can spoof an authoritative so | ||
> | urce for name resolution on a victim network by responding t | > | urce for name resolution on a victim network by responding t | ||
> | o LLMNR (UDP 5355)/NBT-NS (UDP 137) traffic as if they know | > | o LLMNR (UDP 5355)/NBT-NS (UDP 137) traffic as if they know | ||
> | the identity of the requested host, effectively poisoning th | > | the identity of the requested host, effectively poisoning th | ||
> | e service so that the victims will communicate with the adve | > | e service so that the victims will communicate with the adve | ||
> | rsary controlled system. If the requested host belongs to a | > | rsary controlled system. If the requested host belongs to a | ||
> | resource that requires identification/authentication, the us | > | resource that requires identification/authentication, the us | ||
> | ername and NTLMv2 hash will then be sent to the adversary co | > | ername and NTLMv2 hash will then be sent to the adversary co | ||
> | ntrolled system. The adversary can then collect the hash inf | > | ntrolled system. The adversary can then collect the hash inf | ||
> | ormation sent over the wire through tools that monitor the p | > | ormation sent over the wire through tools that monitor the p | ||
> | orts for traffic or through [Network Sniffing](https://attac | > | orts for traffic or through [Network Sniffing](https://attac | ||
> | k.mitre.org/techniques/T1040) and crack the hashes offline t | > | k.mitre.org/techniques/T1040) and crack the hashes offline t | ||
> | hrough [Brute Force](https://attack.mitre.org/techniques/T11 | > | hrough [Brute Force](https://attack.mitre.org/techniques/T11 | ||
> | 10) to obtain the plaintext passwords. In some cases where | > | 10) to obtain the plaintext passwords. In some cases where | ||
> | an adversary has access to a system that is in the authentic | > | an adversary has access to a system that is in the authentic | ||
> | ation path between systems or when automated scans that use | > | ation path between systems or when automated scans that use | ||
> | credentials attempt to authenticate to an adversary controll | > | credentials attempt to authenticate to an adversary controll | ||
> | ed system, the NTLMv2 hashes can be intercepted and relayed | > | ed system, the NTLMv1/v2 hashes can be intercepted and relay | ||
> | to access and execute code against a target system. The rela | > | ed to access and execute code against a target system. The r | ||
> | y step can happen in conjunction with poisoning but may also | > | elay step can happen in conjunction with poisoning but may a | ||
> | be independent of it.(Citation: byt3bl33d3r NTLM Relaying)( | > | lso be independent of it.(Citation: byt3bl33d3r NTLM Relayin | ||
> | Citation: Secure Ideas SMB Relay) Additionally, adversaries | > | g)(Citation: Secure Ideas SMB Relay) Additionally, adversari | ||
> | may encapsulate the NTLMv1/v2 hashes into various protocols, | > | es may encapsulate the NTLMv1/v2 hashes into various protoco | ||
> | such as LDAP, SMB, MSSQL and HTTP, to expand and use multip | > | ls, such as LDAP, SMB, MSSQL and HTTP, to expand and use mul | ||
> | le services with the valid NTLM response. Several tools ma | > | tiple services with the valid NTLM response. Several tools | ||
> | y be used to poison name services within local networks such | > | may be used to poison name services within local networks s | ||
> | as NBNSpoof, Metasploit, and [Responder](https://attack.mit | > | uch as NBNSpoof, Metasploit, and [Responder](https://attack. | ||
> | re.org/software/S0174).(Citation: GitHub NBNSpoof)(Citation: | > | mitre.org/software/S0174).(Citation: GitHub NBNSpoof)(Citati | ||
> | Rapid7 LLMNR Spoofer)(Citation: GitHub Responder) | > | on: Rapid7 LLMNR Spoofer)(Citation: GitHub Responder) |
STIX Field | Old value | New Value |
---|---|---|
modified | 2022-10-18 20:13:48.423000+00:00 | 2022-10-25 15:46:55.393000+00:00 |
description | By responding to LLMNR/NBT-NS network traffic, adversaries may spoof an authoritative source for name resolution to force communication with an adversary controlled system. This activity may be used to collect or relay authentication materials. Link-Local Multicast Name Resolution (LLMNR) and NetBIOS Name Service (NBT-NS) are Microsoft Windows components that serve as alternate methods of host identification. LLMNR is based upon the Domain Name System (DNS) format and allows hosts on the same local link to perform name resolution for other hosts. NBT-NS identifies systems on a local network by their NetBIOS name. (Citation: Wikipedia LLMNR)(Citation: TechNet NetBIOS) Adversaries can spoof an authoritative source for name resolution on a victim network by responding to LLMNR (UDP 5355)/NBT-NS (UDP 137) traffic as if they know the identity of the requested host, effectively poisoning the service so that the victims will communicate with the adversary controlled system. If the requested host belongs to a resource that requires identification/authentication, the username and NTLMv2 hash will then be sent to the adversary controlled system. The adversary can then collect the hash information sent over the wire through tools that monitor the ports for traffic or through [Network Sniffing](https://attack.mitre.org/techniques/T1040) and crack the hashes offline through [Brute Force](https://attack.mitre.org/techniques/T1110) to obtain the plaintext passwords. In some cases where an adversary has access to a system that is in the authentication path between systems or when automated scans that use credentials attempt to authenticate to an adversary controlled system, the NTLMv2 hashes can be intercepted and relayed to access and execute code against a target system. The relay step can happen in conjunction with poisoning but may also be independent of it.(Citation: byt3bl33d3r NTLM Relaying)(Citation: Secure Ideas SMB Relay) Additionally, adversaries may encapsulate the NTLMv1/v2 hashes into various protocols, such as LDAP, SMB, MSSQL and HTTP, to expand and use multiple services with the valid NTLM response. Several tools may be used to poison name services within local networks such as NBNSpoof, Metasploit, and [Responder](https://attack.mitre.org/software/S0174).(Citation: GitHub NBNSpoof)(Citation: Rapid7 LLMNR Spoofer)(Citation: GitHub Responder) | By responding to LLMNR/NBT-NS network traffic, adversaries may spoof an authoritative source for name resolution to force communication with an adversary controlled system. This activity may be used to collect or relay authentication materials. Link-Local Multicast Name Resolution (LLMNR) and NetBIOS Name Service (NBT-NS) are Microsoft Windows components that serve as alternate methods of host identification. LLMNR is based upon the Domain Name System (DNS) format and allows hosts on the same local link to perform name resolution for other hosts. NBT-NS identifies systems on a local network by their NetBIOS name. (Citation: Wikipedia LLMNR)(Citation: TechNet NetBIOS) Adversaries can spoof an authoritative source for name resolution on a victim network by responding to LLMNR (UDP 5355)/NBT-NS (UDP 137) traffic as if they know the identity of the requested host, effectively poisoning the service so that the victims will communicate with the adversary controlled system. If the requested host belongs to a resource that requires identification/authentication, the username and NTLMv2 hash will then be sent to the adversary controlled system. The adversary can then collect the hash information sent over the wire through tools that monitor the ports for traffic or through [Network Sniffing](https://attack.mitre.org/techniques/T1040) and crack the hashes offline through [Brute Force](https://attack.mitre.org/techniques/T1110) to obtain the plaintext passwords. In some cases where an adversary has access to a system that is in the authentication path between systems or when automated scans that use credentials attempt to authenticate to an adversary controlled system, the NTLMv1/v2 hashes can be intercepted and relayed to access and execute code against a target system. The relay step can happen in conjunction with poisoning but may also be independent of it.(Citation: byt3bl33d3r NTLM Relaying)(Citation: Secure Ideas SMB Relay) Additionally, adversaries may encapsulate the NTLMv1/v2 hashes into various protocols, such as LDAP, SMB, MSSQL and HTTP, to expand and use multiple services with the valid NTLM response. Several tools may be used to poison name services within local networks such as NBNSpoof, Metasploit, and [Responder](https://attack.mitre.org/software/S0174).(Citation: GitHub NBNSpoof)(Citation: Rapid7 LLMNR Spoofer)(Citation: GitHub Responder) |
x_mitre_attack_spec_version | 2.1.0 | 3.0.0 |
x_mitre_data_sources[0] | Service: Service Creation | Network Traffic: Network Traffic Content |
x_mitre_data_sources[3] | Network Traffic: Network Traffic Content | Service: Service Creation |
x_mitre_version | 1.3 | 1.4 |
Current version: 1.0
STIX Field | Old value | New Value |
---|---|---|
modified | 2022-10-21 13:57:35.259000+00:00 | 2022-10-26 18:01:20.520000+00:00 |
x_mitre_attack_spec_version | 2.1.0 | 3.0.0 |
x_mitre_contributors[0] | Vinayak Wadhwa, Lucideus | Matt Burrough, @mattburrough, Microsoft |
x_mitre_contributors[1] | Matt Burrough, @mattburrough, Microsoft | Vinayak Wadhwa, SAFE Security |
Current version: 2.0
STIX Field | Old value | New Value |
---|---|---|
x_mitre_attack_spec_version | 3.0.0 | |
x_mitre_deprecated | False |
STIX Field | Old value | New Value |
---|---|---|
x_mitre_permissions_required | ['Administrator', 'SYSTEM'] |
STIX Field | Old value | New Value |
---|---|---|
modified | 2022-04-01 18:02:50.531000+00:00 | 2022-10-31 19:47:26.104000+00:00 |
external_references[1]['source_name'] | Mandiant M Trends 2011 | GCN RSA June 2011 |
external_references[1]['description'] | Mandiant. (2011, January 27). Mandiant M-Trends 2011. Retrieved January 10, 2016. | Jackson, William. (2011, June 7). RSA confirms its tokens used in Lockheed hack. Retrieved September 24, 2018. |
external_references[1]['url'] | https://dl.mandiant.com/EE/assets/PDF_MTrends_2011.pdf | https://gcn.com/cybersecurity/2011/06/rsa-confirms-its-tokens-used-in-lockheed-hack/282818/ |
external_references[2]['source_name'] | GCN RSA June 2011 | Mandiant M Trends 2011 |
external_references[2]['description'] | Jackson, William. (2011, June 7). RSA confirms its tokens used in Lockheed hack. Retrieved September 24, 2018. | Mandiant. (2011, January 27). Mandiant M-Trends 2011. Retrieved January 10, 2016. |
external_references[2]['url'] | https://gcn.com/articles/2011/06/07/rsa-confirms-tokens-used-to-hack-lockheed.aspx | https://dl.mandiant.com/EE/assets/PDF_MTrends_2011.pdf |
x_mitre_data_sources[0] | Windows Registry: Windows Registry Key Modification | Process: OS API Execution |
x_mitre_data_sources[2] | Process: OS API Execution | Windows Registry: Windows Registry Key Modification |
Current version: 1.0
STIX Field | Old value | New Value |
---|---|---|
modified | 2022-10-21 17:53:05.462000+00:00 | 2022-10-27 14:16:24.490000+00:00 |
x_mitre_attack_spec_version | 2.1.0 | 3.0.0 |
STIX Field | Old value | New Value |
---|---|---|
x_mitre_contributors | Will Jolliffe |
Current version: 1.0
STIX Field | Old value | New Value |
---|---|---|
modified | 2022-10-18 13:08:43.567000+00:00 | 2022-10-24 18:55:25.261000+00:00 |
x_mitre_attack_spec_version | 2.1.0 | 3.0.0 |
x_mitre_contributors[1] | Manikantan Srinivasan , NEC Corporation India | Pooja Natarajan, NEC Corporation India |
x_mitre_contributors[2] | Pooja Natarajan, NEC Corporation India | Manikantan Srinivasan, NEC Corporation India |
Current version: 1.0
STIX Field | Old value | New Value |
---|---|---|
modified | 2022-10-19 21:54:52.549000+00:00 | 2022-10-24 18:54:09.655000+00:00 |
x_mitre_attack_spec_version | 2.1.0 | 3.0.0 |
x_mitre_contributors[1] | Manikantan Srinivasan , NEC Corporation India | Pooja Natarajan, NEC Corporation India |
x_mitre_contributors[2] | Pooja Natarajan, NEC Corporation India | Manikantan Srinivasan, NEC Corporation India |
Current version: 1.0
STIX Field | Old value | New Value |
---|---|---|
modified | 2022-10-20 19:00:58.329000+00:00 | 2022-10-24 18:52:29.002000+00:00 |
x_mitre_attack_spec_version | 2.1.0 | 3.0.0 |
x_mitre_contributors[2] | Manikantan Srinivasan , NEC Corporation India | Manikantan Srinivasan, NEC Corporation India |
Current version: 1.0
STIX Field | Old value | New Value |
---|---|---|
modified | 2022-10-21 18:41:08.032000+00:00 | 2022-10-24 18:53:41.304000+00:00 |
x_mitre_attack_spec_version | 2.1.0 | 3.0.0 |
x_mitre_contributors[1] | Manikantan Srinivasan , NEC Corporation India | Pooja Natarajan, NEC Corporation India |
x_mitre_contributors[2] | Pooja Natarajan, NEC Corporation India | Manikantan Srinivasan, NEC Corporation India |
Current version: 1.0
STIX Field | Old value | New Value |
---|---|---|
modified | 2022-10-21 20:13:44.744000+00:00 | 2022-10-24 18:51:58.072000+00:00 |
x_mitre_attack_spec_version | 2.1.0 | 3.0.0 |
x_mitre_contributors[2] | Manikanran Srinivasan, NEC Corporation India | Manikantan Srinivasan, NEC Corporation India |
Current version: 1.3
Old Description | New Description | ||||
---|---|---|---|---|---|
t | 1 | [PsExec](https://attack.mitre.org/software/S0029) is a free | t | 1 | [PsExec](https://attack.mitre.org/software/S0029) is a free |
> | Microsoft tool that can be used to execute a program on anot | > | Microsoft tool that can be used to execute a program on anot | ||
> | her computer. It is used by IT administrators and attackers. | > | her computer. It is used by IT administrators and attackers. | ||
> | (Citation: Russinovich Sysinternals) (Citation: SANS PsExec | > | (Citation: Russinovich Sysinternals)(Citation: SANS PsExec) | ||
> | ) |
STIX Field | Old value | New Value |
---|---|---|
modified | 2022-09-28 14:47:20.421000+00:00 | 2022-11-01 18:29:13.666000+00:00 |
description | [PsExec](https://attack.mitre.org/software/S0029) is a free Microsoft tool that can be used to execute a program on another computer. It is used by IT administrators and attackers. (Citation: Russinovich Sysinternals) (Citation: SANS PsExec) | [PsExec](https://attack.mitre.org/software/S0029) is a free Microsoft tool that can be used to execute a program on another computer. It is used by IT administrators and attackers.(Citation: Russinovich Sysinternals)(Citation: SANS PsExec) |
external_references[1]['description'] | Pilkington, M.. (2012, December 17). Protecting Privileged Domain Accounts: PsExec Deep-Dive. Retrieved August 17, 2016. | Pilkington, M. (2012, December 17). Protecting Privileged Domain Accounts: PsExec Deep-Dive. Retrieved August 17, 2016. |
external_references[1]['url'] | https://digital-forensics.sans.org/blog/2012/12/17/protecting-privileged-domain-accounts-psexec-deep-dive | https://www.sans.org/blog/protecting-privileged-domain-accounts-psexec-deep-dive/ |
x_mitre_attack_spec_version | 2.1.0 | 3.0.0 |
Current version: 1.0
STIX Field | Old value | New Value |
---|---|---|
modified | 2022-10-18 13:10:21.905000+00:00 | 2022-10-24 18:54:58.048000+00:00 |
x_mitre_attack_spec_version | 2.1.0 | 3.0.0 |
x_mitre_contributors[2] | Manikantan Srinivasan , NEC Corporation India | Manikantan Srinivasan, NEC Corporation India |
Current version: 1.0
STIX Field | Old value | New Value |
---|---|---|
modified | 2022-04-10 16:43:00.619000+00:00 | 2022-10-24 18:47:53.298000+00:00 |
x_mitre_attack_spec_version | 2.1.0 | 3.0.0 |
x_mitre_contributors[0] | Phil Taylor, BT Security | Phill Taylor, BT Security |
Current version: 1.0
STIX Field | Old value | New Value |
---|---|---|
modified | 2022-10-21 18:42:52.256000+00:00 | 2022-10-24 18:50:40.179000+00:00 |
x_mitre_attack_spec_version | 2.1.0 | 3.0.0 |
x_mitre_contributors[1] | Manikantan Srinivasan , NEC Corporation India | Pooja Natarajan, NEC Corporation India |
x_mitre_contributors[2] | Pooja Natarajan, NEC Corporation India | Manikantan Srinivasan, NEC Corporation India |
Current version: 1.0
STIX Field | Old value | New Value |
---|---|---|
modified | 2022-10-13 17:54:09.402000+00:00 | 2022-10-24 18:48:18.917000+00:00 |
x_mitre_attack_spec_version | 2.1.0 | 3.0.0 |
x_mitre_contributors[0] | Phil Taylor, BT Security | Phill Taylor, BT Security |
Current version: 1.0
STIX Field | Old value | New Value |
---|---|---|
modified | 2022-10-18 13:09:11.486000+00:00 | 2022-10-24 18:50:12.653000+00:00 |
x_mitre_attack_spec_version | 2.1.0 | 3.0.0 |
x_mitre_contributors[1] | Manikantan Srinivasan , NEC Corporation India | Pooja Natarajan, NEC Corporation India |
x_mitre_contributors[2] | Pooja Natarajan, NEC Corporation India | Manikantan Srinivasan, NEC Corporation India |
Current version: 1.0
STIX Field | Old value | New Value |
---|---|---|
modified | 2022-10-20 18:29:03.956000+00:00 | 2022-10-24 18:51:09.213000+00:00 |
x_mitre_attack_spec_version | 2.1.0 | 3.0.0 |
x_mitre_contributors[2] | Manikantan Srinivasan , NEC Corporation India | Manikantan Srinivasan, NEC Corporation India |
Current version: 1.0
Description: Contextual data about a container and activity around it such as name, ID, image, or status
STIX Field | Old value | New Value |
---|---|---|
x_mitre_deprecated | True |
STIX Field | Old value | New Value |
---|---|---|
modified | 2021-10-20T15:05:19.274Z | 2022-11-07T19:45:00.000Z |
Current version: 1.0
Description: Contextual data about a pod and activity around it such as name, ID, namespace, or status
STIX Field | Old value | New Value |
---|---|---|
x_mitre_deprecated | True |
STIX Field | Old value | New Value |
---|---|---|
modified | 2021-10-20T15:05:19.272Z | 2022-11-07T19:45:00.000Z |