{"id":6286,"date":"2017-09-01T19:12:49","date_gmt":"2017-09-01T19:12:49","guid":{"rendered":"http:\/\/blog.nsfocusglobal.com\/?p=808"},"modified":"2017-09-01T19:12:49","modified_gmt":"2017-09-01T19:12:49","slug":"analysis-of-phishing-attacks-targeting-ukrainian-banks","status":"publish","type":"post","link":"https:\/\/nsfocusglobal.com\/pt-br\/analysis-of-phishing-attacks-targeting-ukrainian-banks\/","title":{"rendered":"Analysis of Phishing Attacks Targeting Ukrainian Banks"},"content":{"rendered":"<h2>Overview<\/h2>\n<p>On August 17, 2017, the National Bank of Ukraine (NBU) warned financial institutions in the country about a potential cyberattack. The virus would exploit the CVE-2015-2545 vulnerability to cause remote code execution by sending emails with the code disguised as a Microsoft Word document. Subsequently, a cybersecurity institution found traces of such an attack and suspected that it was associated with a series of other attacks targeting East European countries.<\/p>\n<p>Related information can be found at the following link:<\/p>\n<p><a href=\"https:\/\/www.reuters.com\/article\/us-cyber-ukraine-banking-idUSKCN1AY0Y4\"><strong>https:\/\/www.reuters.com\/article\/us-cyber-ukraine-banking-idUSKCN1AY0Y4<\/strong><\/a><\/p>\n<h2>Technical Analysis<\/h2>\n<h3>Basic Information<\/h3>\n<table>\n<tbody>\n<tr>\n<td width=\"85\">File Name<\/td>\n<td width=\"468\">\u0414\u043e\u0433\u043e\u0432\u043e\u0440.docx<\/td>\n<\/tr>\n<tr>\n<td width=\"85\">File MD5<\/td>\n<td width=\"468\">57F51443A**********C6AFBD368E40E<\/td>\n<\/tr>\n<tr>\n<td width=\"85\">File SHA1<\/td>\n<td width=\"468\">3224F221B**********CB2F1B4A16F7A6CC76190<\/td>\n<\/tr>\n<tr>\n<td width=\"85\">File Size<\/td>\n<td width=\"468\">346.40 KB (354713 bytes)<\/td>\n<\/tr>\n<tr>\n<td width=\"85\">File Type<\/td>\n<td width=\"468\">Office Open XML Document<\/td>\n<\/tr>\n<tr>\n<td width=\"85\">Summary<\/td>\n<td width=\"468\">Exploitation of the CVE-2015-2545 vulnerability to drop 
and execute malicious files<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<table>\n<tbody>\n<tr>\n<td width=\"85\">File Name<\/td>\n<td width=\"468\">winword.exe<\/td>\n<\/tr>\n<tr>\n<td width=\"85\">File MD5<\/td>\n<td width=\"468\">5B4417521C**********2FE94AB395B2<\/td>\n<\/tr>\n<tr>\n<td width=\"85\">File SHA1<\/td>\n<td width=\"468\">2EE8EE6D8C**********BB96952861F3704E82E9<\/td>\n<\/tr>\n<tr>\n<td width=\"85\">File Size<\/td>\n<td width=\"468\">62.50 KB (64000 bytes)<\/td>\n<\/tr>\n<tr>\n<td width=\"85\">File Type<\/td>\n<td width=\"468\">Portable Executable 32<\/td>\n<\/tr>\n<tr>\n<td width=\"85\">Summary<\/td>\n<td width=\"468\">Communicates with the server to obtain command codes and performs the operation that each command specifies<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h3>Overall Attack Process<\/h3>\n<p>The attacker sends an email with a specially crafted Office document as an attachment, which, by exploiting the CVE-2015-2545 vulnerability in Microsoft Office, drops and executes an executable file. The dropped program then connects to the server, sends it a GET request for commands, and performs the actions it is instructed to take.<\/p>\n<p>The CVE-2015-2545 vulnerability affects Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1. An attacker could remotely execute arbitrary code via a specially crafted EPS image.<\/p>\n<p>The overall attack process is as follows: <a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic1-1.png\"><img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone size-full wp-image-809\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic1-1.png\" alt=\"\" width=\"910\" height=\"813\" \/><\/a><\/p>\n<h3>Behavior Analysis<\/h3>\n<p>Once opened, the malicious Office document will drop and execute a WINWORD.exe program. 
(FLTLDR.exe is an Office program.)<\/p>\n<p style=\"text-align: center;\"><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic2-1.png\"><img decoding=\"async\" class=\"alignnone size-full wp-image-810\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic2-1.png\" alt=\"\" width=\"859\" height=\"62\" srcset=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic2-1.png 859w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic2-1-300x22.png 300w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic2-1-768x55.png 768w\" sizes=\"(max-width: 859px) 100vw, 859px\" \/><\/a><\/p>\n<p>The EPS image extracted from the document contains a large quantity of data, followed by the <strong>exec<\/strong> function. Obviously, this Office document drops WINWORD.exe via this EPS image.<\/p>\n<p><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic3-1.png\"><img decoding=\"async\" class=\"alignnone size-full wp-image-811\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic3-1.png\" alt=\"\" width=\"698\" height=\"188\" \/><\/a><\/p>\n<p>After being started, WINWORD.exe first attempts to get the volume serial number of a disk drive and then uses that serial number to craft a URL and rename the file.<\/p>\n<p><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic4-1.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-812 aligncenter\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic4-1.png\" alt=\"\" width=\"555\" height=\"192\" \/><\/a><\/p>\n<p>The virus then crafts a URL and sends GET requests to the server to obtain command codes: fal, DEL, and |http.<\/p>\n<h4>fal<\/h4>\n<p>The virus moves itself into the system directory and renames itself <strong>IntelSofts_4880109f.exe<\/strong>, where 4880109f is the volume serial number previously obtained. 
Subsequently, the virus deletes the original file and modifies the registry by adding an autostart item.<\/p>\n<p style=\"text-align: center;\"><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic5-1.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-large wp-image-813\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic5-1-1024x366.png\" alt=\"\" width=\"640\" height=\"229\" \/><\/a><\/p>\n<p><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic6-1.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-814\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic6-1.png\" alt=\"\" width=\"768\" height=\"187\" \/><\/a><\/p>\n<h4>DEF<\/h4>\n<p>The virus deletes the autostart item and exits the program.<\/p>\n<p><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic7-1.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-815\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic7-1.png\" alt=\"\" width=\"871\" height=\"111\" \/><\/a><\/p>\n<h4>|http<\/h4>\n<p>The virus obtained data from the server in its earlier GET requests. 
It now extracts a URL from this data, downloads the content at that URL, and writes it to a local file named <strong>MicrosoftUpdte.exe<\/strong>, which is then executed.<\/p>\n<p><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic8-1.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-816\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic8-1.png\" alt=\"\" width=\"816\" height=\"564\" \/><\/a><\/p>\n<h3>Attack Source<\/h3>\n<p>The IP address of the server accessed is 158.69.218.119.<\/p>\n<p style=\"text-align: center;\"><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic9-1.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-817\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/08\/pic9-1.png\" alt=\"\" width=\"763\" height=\"398\" \/><\/a><\/p>\n<h2>Detection and Protection Methods<\/h2>\n<h3>Static Detection<\/h3>\n<ol>\n<li>The virus, after execution, drops WINWORD.exe in C:\\Users\\HelloWorld\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup.<\/li>\n<li>It then creates an autostart item named <strong>IntelSofts<\/strong> in the registry under <strong>HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run<\/strong>.<\/li>\n<\/ol>\n<h3>Dynamic Detection<\/h3>\n<p>The virus attempts to connect to the server (IP address: 158.69.218.119) to obtain data.<\/p>\n<h3>Preventive Measures<\/h3>\n<ol>\n<li>Do not open emails from strangers, especially those containing links or attachments.<\/li>\n<li>Disable macros in Microsoft Office. 
If macros have to be enabled, make sure that the file comes from a reliable source.<\/li>\n<li>Enable the system firewall.<\/li>\n<li>Use the latest system and applications to prevent attacks based on known vulnerabilities.<\/li>\n<\/ol>\n<h3>NSFOCUS Solutions for Removing Trojans<\/h3>\n<ol>\n<li>Short-term service: NSFOCUS engineers provide the onsite trojan backdoor removal service (manual services + NIPS + TAC) to ensure that risk points are immediately eliminated from the network and the event impact is minimized. After the handling, an event analysis report is provided.<\/li>\n<li>Mid-term service: NSFOCUS provides 3- to 6-month risk monitoring and preventive maintenance inspection (PMI) services (NIPS + TAC + manual services) to detect this malicious sample in an ongoing manner, thereby securing customers&#8217; systems.<\/li>\n<li>Long-term service: NSFOCUS provides industry-specific risk mitigation solutions (threat intelligence + attack traceback + professional security service).<\/li>\n<\/ol>\n<h2>Conclusion<\/h2>\n<p>The attacker crafts a malicious document that exploits a vulnerability in Microsoft Office to drop an executable whose name looks perfectly normal, effectively hiding its true nature. The virus then modifies the registry, adding an autostart item for persistence. For such attacks, it is important to take preventive measures by hardening system security and requiring standard operations, so as not to end up a victim.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview On August 17, 2017, the National Bank of Ukraine (NBU) warned financial institutions in the country about a potential cyberattack. The virus would exploit the CVE-2015-2545 vulnerability to cause remote code execution by sending emails with the code disguised as a Microsoft Word document. 
Subsequently, a cybersecurity institution found traces of such an attack [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":35818,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","footnotes":""},"categories":[6,7],"tags":[93,582],"class_list":["post-6286","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-emergency-response","category-events","tag-apt","tag-phishing"],"acf":[],"yoast_head_json":{"title":"Analysis of Phishing Attacks Targeting Ukrainian Banks - NSFOCUS","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"pt_BR","og_type":"article","og_title":"Analysis of Phishing Attacks Targeting Ukrainian Banks - NSFOCUS","og_description":"Overview On August 17, 2017, the National Bank of Ukraine (NBU) warned financial institutions in the country about a potential cyberattack. The virus","og_url":"https:\/\/nsfocusglobal.com\/analysis-of-phishing-attacks-targeting-ukrainian-banks\/","og_site_name":"NSFOCUS","article_published_time":"2017-09-01T19:12:49+00:00","og_image":[{"url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic1-1.png","type":"","width":"","height":""}],"author":"admin","twitter_card":"summary_large_image","twitter_title":"Analysis of Phishing Attacks Targeting Ukrainian Banks - NSFOCUS","twitter_description":"Overview On August 17, 2017, the National Bank of Ukraine (NBU) warned financial institutions in the country about a potential cyberattack. The virus","twitter_image":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic1-1.png","twitter_misc":{"Escrito por":"admin","Est. 
tempo de leitura":"4 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nsfocusglobal.com\/analysis-of-phishing-attacks-targeting-ukrainian-banks\/#article","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/analysis-of-phishing-attacks-targeting-ukrainian-banks\/"},"author":{"name":"admin","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d"},"headline":"Analysis of Phishing Attacks Targeting Ukrainian Banks","datePublished":"2017-09-01T19:12:49+00:00","mainEntityOfPage":{"@id":"https:\/\/nsfocusglobal.com\/analysis-of-phishing-attacks-targeting-ukrainian-banks\/"},"wordCount":768,"commentCount":0,"publisher":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization"},"image":{"@id":"https:\/\/nsfocusglobal.com\/analysis-of-phishing-attacks-targeting-ukrainian-banks\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic1-1.png","keywords":["APT","Phishing"],"articleSection":["Emergency Response","Global Events"],"inLanguage":"pt-BR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/nsfocusglobal.com\/analysis-of-phishing-attacks-targeting-ukrainian-banks\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/nsfocusglobal.com\/analysis-of-phishing-attacks-targeting-ukrainian-banks\/","url":"https:\/\/nsfocusglobal.com\/analysis-of-phishing-attacks-targeting-ukrainian-banks\/","name":"Analysis of Phishing Attacks Targeting Ukrainian Banks - 
NSFOCUS","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nsfocusglobal.com\/analysis-of-phishing-attacks-targeting-ukrainian-banks\/#primaryimage"},"image":{"@id":"https:\/\/nsfocusglobal.com\/analysis-of-phishing-attacks-targeting-ukrainian-banks\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic1-1.png","datePublished":"2017-09-01T19:12:49+00:00","breadcrumb":{"@id":"https:\/\/nsfocusglobal.com\/analysis-of-phishing-attacks-targeting-ukrainian-banks\/#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nsfocusglobal.com\/analysis-of-phishing-attacks-targeting-ukrainian-banks\/"]}]},{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/analysis-of-phishing-attacks-targeting-ukrainian-banks\/#primaryimage","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic1-1.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic1-1.png","width":910,"height":813,"caption":"Flowchart of a malware attack process."},{"@type":"BreadcrumbList","@id":"https:\/\/nsfocusglobal.com\/analysis-of-phishing-attacks-targeting-ukrainian-banks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nsfocusglobal.com\/"},{"@type":"ListItem","position":2,"name":"Analysis of Phishing Attacks Targeting Ukrainian Banks"}]},{"@type":"WebSite","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#website","url":"https:\/\/nsfocusglobal.com\/pt-br\/","name":"NSFOCUS","description":"Security Made Smart and 
Simple","publisher":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nsfocusglobal.com\/pt-br\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization","name":"NSFOCUS","url":"https:\/\/nsfocusglobal.com\/pt-br\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/logo\/image\/","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","width":248,"height":36,"caption":"NSFOCUS"},"image":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d","name":"admin","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/nsfocusglobal.com"],"url":"https:\/\/nsfocusglobal.com\/pt-br\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/6286","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/user
s\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/comments?post=6286"}],"version-history":[{"count":0,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/6286\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media\/35818"}],"wp:attachment":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media?parent=6286"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/categories?post=6286"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/tags?post=6286"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}