adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/55d58a12-3644-4378-8ca9-44a6950d210b.json

1617 lines
65 KiB
JSON
Raw Permalink Normal View History

chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--55d58a12-3644-4378-8ca9-44a6950d210b",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:53:55.000Z",
"modified": "2015-08-20T08:53:55.000Z",
"name": "CthulhuSPRL.be",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--55d58a12-3644-4378-8ca9-44a6950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:53:55.000Z",
"modified": "2015-08-20T08:53:55.000Z",
"name": "OSINT Cheshire Cat",
"published": "2015-08-20T09:09:15Z",
"object_refs": [
"observed-data--55d58a8a-fa5c-4e2d-bac4-4768950d210b",
"url--55d58a8a-fa5c-4e2d-bac4-4768950d210b",
"observed-data--55d58a8b-e044-40ca-abf3-4c2c950d210b",
"url--55d58a8b-e044-40ca-abf3-4c2c950d210b",
"observed-data--55d58a8b-0d10-410d-9354-4554950d210b",
"url--55d58a8b-0d10-410d-9354-4554950d210b",
"x-misp-attribute--55d58a95-daa0-4309-9cb8-41a3950d210b",
"indicator--55d58ad5-f798-4f29-9fde-49ef950d210b",
"indicator--55d58ad6-9b1c-4315-87e5-4b18950d210b",
"indicator--55d58ad6-42a8-471d-bde8-4de6950d210b",
"indicator--55d58ad6-0800-43bb-a744-4b8d950d210b",
"indicator--55d58ad6-5ea8-44a8-9250-45c3950d210b",
"indicator--55d58ad6-2c7c-46df-acfa-40e9950d210b",
"indicator--55d58ad7-053c-4bf6-bc43-401c950d210b",
"indicator--55d58ad7-9938-4cf5-9b42-4c22950d210b",
"indicator--55d58ad7-c2c0-48d1-93fa-4d39950d210b",
"indicator--55d58ad7-58b8-4e0a-887f-444b950d210b",
"indicator--55d58ad7-6040-425a-b2da-47c5950d210b",
"indicator--55d58ad8-90ec-476f-b0f8-4ec6950d210b",
"indicator--55d58ad8-8b1c-4daf-a8ae-4cd2950d210b",
"indicator--55d58ad8-4068-4766-8adf-422f950d210b",
"indicator--55d58ad8-7af0-4255-bbb6-4017950d210b",
"indicator--55d58ad8-8e64-4cd6-a90a-47e8950d210b",
"indicator--55d58ad9-332c-4204-9448-4867950d210b",
"indicator--55d58ad9-bea4-466d-95cd-455e950d210b",
"indicator--55d58ad9-5a84-476f-9640-44b1950d210b",
"indicator--55d58ad9-7ed0-4b83-85e4-4802950d210b",
"indicator--55d58ad9-8710-41db-b093-4b44950d210b",
"indicator--55d58ada-5dac-4142-b813-420f950d210b",
"indicator--55d58ada-f3e4-4142-8cfa-4a33950d210b",
"indicator--55d58ada-4804-4b84-87e4-49c4950d210b",
"indicator--55d58ada-70f0-43dd-a0ed-4233950d210b",
"indicator--55d58ada-da7c-4abf-87df-4665950d210b",
"indicator--55d58adb-dc78-4784-bf5e-4d60950d210b",
"indicator--55d58adb-2bf8-4d31-b3b8-4b11950d210b",
"indicator--55d58adb-1538-47d7-a764-4a1c950d210b",
"indicator--55d58adb-7cd8-48c1-90cc-4916950d210b",
"indicator--55d58adb-5c20-4a4a-9e48-408b950d210b",
"indicator--55d58adc-1efc-481d-ba4d-434e950d210b",
"indicator--55d58adc-58fc-4c3e-b118-4fa6950d210b",
"indicator--55d58adc-94b4-439f-8245-40bd950d210b",
"indicator--55d58adc-960c-4c90-af9d-4bcc950d210b",
"indicator--55d58adc-089c-41f5-8440-4d3c950d210b",
"indicator--55d58add-d078-45ba-aaa3-49cf950d210b",
"indicator--55d58add-9c94-4a8d-8ca1-4e07950d210b",
"indicator--55d58add-828c-4c5d-8303-4865950d210b",
"indicator--55d58add-6274-46d9-8828-4e73950d210b",
"indicator--55d58add-a2d4-490e-b924-4043950d210b",
"indicator--55d58b1e-8630-4ec2-ac16-4b94950d210b",
"indicator--55d58b1e-c448-4474-ba0a-496d950d210b",
"indicator--55d58b1f-70a0-40c4-9bae-4d3a950d210b",
"indicator--55d58b1f-66bc-4770-b9de-4f5c950d210b",
"x-misp-attribute--55d58b7a-a920-48ad-953c-44f3950d210b",
"indicator--55d595a3-cec4-476c-84b0-0ec5950d210b",
"indicator--55d595a3-8e54-4af9-9a9d-0ec5950d210b",
"observed-data--55d595a3-d218-4f01-a17f-0ec5950d210b",
"url--55d595a3-d218-4f01-a17f-0ec5950d210b",
"indicator--55d595a4-a3f8-4bee-8eba-0ec5950d210b",
"indicator--55d595a4-7768-4726-b67f-0ec5950d210b",
"observed-data--55d595a4-32b0-4d21-98e5-0ec5950d210b",
"url--55d595a4-32b0-4d21-98e5-0ec5950d210b",
"indicator--55d595a4-c2f0-434c-8c47-0ec5950d210b",
"indicator--55d595a4-eaa0-4fe5-ad8b-0ec5950d210b",
"observed-data--55d595a5-782c-46d7-a9bf-0ec5950d210b",
"url--55d595a5-782c-46d7-a9bf-0ec5950d210b",
"indicator--55d595a5-e170-464e-8929-0ec5950d210b",
"indicator--55d595a5-6f24-4901-bcf3-0ec5950d210b",
"observed-data--55d595a5-a7f8-4e72-8fcd-0ec5950d210b",
"url--55d595a5-a7f8-4e72-8fcd-0ec5950d210b",
"indicator--55d595a5-aef8-436f-b9f4-0ec5950d210b",
"indicator--55d595a6-f3f0-4163-9e01-0ec5950d210b",
"observed-data--55d595a6-f484-4119-84b7-0ec5950d210b",
"url--55d595a6-f484-4119-84b7-0ec5950d210b"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT"
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--55d58a8a-fa5c-4e2d-bac4-4768950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:06:34.000Z",
"modified": "2015-08-20T08:06:34.000Z",
"first_observed": "2015-08-20T08:06:34Z",
"last_observed": "2015-08-20T08:06:34Z",
"number_observed": 1,
"object_refs": [
"url--55d58a8a-fa5c-4e2d-bac4-4768950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--55d58a8a-fa5c-4e2d-bac4-4768950d210b",
"value": "http://kernelmode.info/forum/viewtopic.php?f=16&t=3981"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--55d58a8b-e044-40ca-abf3-4c2c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:06:35.000Z",
"modified": "2015-08-20T08:06:35.000Z",
"first_observed": "2015-08-20T08:06:35Z",
"last_observed": "2015-08-20T08:06:35Z",
"number_observed": 1,
"object_refs": [
"url--55d58a8b-e044-40ca-abf3-4c2c950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--55d58a8b-e044-40ca-abf3-4c2c950d210b",
"value": "https://www.defcon.org/html/defcon-23/dc-23-speakers.html#Marquis-Boire"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--55d58a8b-0d10-410d-9354-4554950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:06:35.000Z",
"modified": "2015-08-20T08:06:35.000Z",
"first_observed": "2015-08-20T08:06:35Z",
"last_observed": "2015-08-20T08:06:35Z",
"number_observed": 1,
"object_refs": [
"url--55d58a8b-0d10-410d-9354-4554950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--55d58a8b-0d10-410d-9354-4554950d210b",
"value": "https://otx.alienvault.com/pulse/55d3d4c74637f226f7391154/"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--55d58a95-daa0-4309-9cb8-41a3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:06:45.000Z",
"modified": "2015-08-20T08:06:45.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Cheshire Cat"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad5-f798-4f29-9fde-49ef950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:49.000Z",
"modified": "2015-08-20T08:07:49.000Z",
"pattern": "[file:hashes.SHA256 = '63735d555f219765d486b3d253e39bd316bbcb1c0ec595ea45ddf6e419bef3cb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad6-9b1c-4315-87e5-4b18950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:50.000Z",
"modified": "2015-08-20T08:07:50.000Z",
"pattern": "[domain-name:value = 'apartmentsin-paris.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad6-42a8-471d-bde8-4de6950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:50.000Z",
"modified": "2015-08-20T08:07:50.000Z",
"pattern": "[domain-name:value = 'au-skydivelessons.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad6-0800-43bb-a744-4b8d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:50.000Z",
"modified": "2015-08-20T08:07:50.000Z",
"pattern": "[domain-name:value = 'beautifuldaisies.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad6-5ea8-44a8-9250-45c3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:50.000Z",
"modified": "2015-08-20T08:07:50.000Z",
"pattern": "[domain-name:value = 'brazil-crazybungee.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad6-2c7c-46df-acfa-40e9950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:50.000Z",
"modified": "2015-08-20T08:07:50.000Z",
"pattern": "[domain-name:value = 'bungee4you-br.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad7-053c-4bf6-bc43-401c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:51.000Z",
"modified": "2015-08-20T08:07:51.000Z",
"pattern": "[domain-name:value = 'bungee4you-uy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad7-9938-4cf5-9b42-4c22950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:51.000Z",
"modified": "2015-08-20T08:07:51.000Z",
"pattern": "[domain-name:value = 'bungeejumping-br.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad7-c2c0-48d1-93fa-4d39950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:51.000Z",
"modified": "2015-08-20T08:07:51.000Z",
"pattern": "[domain-name:value = 'bungeejumping-uy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad7-58b8-4e0a-887f-444b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:51.000Z",
"modified": "2015-08-20T08:07:51.000Z",
"pattern": "[domain-name:value = 'china-flowershop.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad7-6040-425a-b2da-47c5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:51.000Z",
"modified": "2015-08-20T08:07:51.000Z",
"pattern": "[domain-name:value = 'circlesofourlives-ir.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad8-90ec-476f-b0f8-4ec6950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:52.000Z",
"modified": "2015-08-20T08:07:52.000Z",
"pattern": "[domain-name:value = 'clickflowers-hk.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad8-8b1c-4daf-a8ae-4cd2950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:52.000Z",
"modified": "2015-08-20T08:07:52.000Z",
"pattern": "[domain-name:value = 'crazy-jump.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad8-4068-4766-8adf-422f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:52.000Z",
"modified": "2015-08-20T08:07:52.000Z",
"pattern": "[domain-name:value = 'crazyjump-uy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad8-7af0-4255-bbb6-4017950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:52.000Z",
"modified": "2015-08-20T08:07:52.000Z",
"pattern": "[domain-name:value = 'cropcirclestours.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad8-8e64-4cd6-a90a-47e8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:52.000Z",
"modified": "2015-08-20T08:07:52.000Z",
"pattern": "[domain-name:value = 'dive-extreme.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad9-332c-4204-9448-4867950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:53.000Z",
"modified": "2015-08-20T08:07:53.000Z",
"pattern": "[domain-name:value = 'divextreme-ar.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad9-bea4-466d-95cd-455e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:53.000Z",
"modified": "2015-08-20T08:07:53.000Z",
"pattern": "[domain-name:value = 'divextreme-au.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad9-5a84-476f-9640-44b1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:53.000Z",
"modified": "2015-08-20T08:07:53.000Z",
"pattern": "[domain-name:value = 'euro-rafting.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad9-7ed0-4b83-85e4-4802950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:53.000Z",
"modified": "2015-08-20T08:07:53.000Z",
"pattern": "[domain-name:value = 'eurorafting-tr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ad9-8710-41db-b093-4b44950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:53.000Z",
"modified": "2015-08-20T08:07:53.000Z",
"pattern": "[domain-name:value = 'franceholidayapartments.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ada-5dac-4142-b813-420f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:54.000Z",
"modified": "2015-08-20T08:07:54.000Z",
"pattern": "[domain-name:value = 'groupbungee-br.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ada-f3e4-4142-8cfa-4a33950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:54.000Z",
"modified": "2015-08-20T08:07:54.000Z",
"pattern": "[domain-name:value = 'groupbungee-uy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ada-4804-4b84-87e4-49c4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:54.000Z",
"modified": "2015-08-20T08:07:54.000Z",
"pattern": "[domain-name:value = 'groupdive-au.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ada-70f0-43dd-a0ed-4233950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:54.000Z",
"modified": "2015-08-20T08:07:54.000Z",
"pattern": "[domain-name:value = 'groupdive.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58ada-da7c-4abf-87df-4665950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:54.000Z",
"modified": "2015-08-20T08:07:54.000Z",
"pattern": "[domain-name:value = 'holidayapartments-paris.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58adb-dc78-4784-bf5e-4d60950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:55.000Z",
"modified": "2015-08-20T08:07:55.000Z",
"pattern": "[domain-name:value = 'holidayapartments4you.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58adb-2bf8-4d31-b3b8-4b11950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:55.000Z",
"modified": "2015-08-20T08:07:55.000Z",
"pattern": "[domain-name:value = 'hongkong-bouquets.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58adb-1538-47d7-a764-4a1c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:55.000Z",
"modified": "2015-08-20T08:07:55.000Z",
"pattern": "[domain-name:value = 'ir-cool.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58adb-7cd8-48c1-90cc-4916950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:55.000Z",
"modified": "2015-08-20T08:07:55.000Z",
"pattern": "[domain-name:value = 'irelancropcircles.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58adb-5c20-4a4a-9e48-408b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:55.000Z",
"modified": "2015-08-20T08:07:55.000Z",
"pattern": "[domain-name:value = 'magnificentcircles.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58adc-1efc-481d-ba4d-434e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:56.000Z",
"modified": "2015-08-20T08:07:56.000Z",
"pattern": "[domain-name:value = 'paris-holidayapartments.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58adc-58fc-4c3e-b118-4fa6950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:56.000Z",
"modified": "2015-08-20T08:07:56.000Z",
"pattern": "[domain-name:value = 'raftingholiday.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58adc-94b4-439f-8245-40bd950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:56.000Z",
"modified": "2015-08-20T08:07:56.000Z",
"pattern": "[domain-name:value = 'raftingtours-turkey.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58adc-960c-4c90-af9d-4bcc950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:56.000Z",
"modified": "2015-08-20T08:07:56.000Z",
"pattern": "[domain-name:value = 'rosesinchina.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58adc-089c-41f5-8440-4d3c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:56.000Z",
"modified": "2015-08-20T08:07:56.000Z",
"pattern": "[domain-name:value = 'skydivelessons.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58add-d078-45ba-aaa3-49cf950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:57.000Z",
"modified": "2015-08-20T08:07:57.000Z",
"pattern": "[domain-name:value = 'stuntjumps.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58add-9c94-4a8d-8ca1-4e07950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:57.000Z",
"modified": "2015-08-20T08:07:57.000Z",
"pattern": "[domain-name:value = 'tandemskydive-ar.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58add-828c-4c5d-8303-4865950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:57.000Z",
"modified": "2015-08-20T08:07:57.000Z",
"pattern": "[domain-name:value = 'tandemskydive-au.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58add-6274-46d9-8828-4e73950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:57.000Z",
"modified": "2015-08-20T08:07:57.000Z",
"pattern": "[domain-name:value = 'turkeyextremerafting.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58add-a2d4-490e-b924-4043950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:07:57.000Z",
"modified": "2015-08-20T08:07:57.000Z",
"pattern": "[domain-name:value = 'uruguay-crazybungee.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:07:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58b1e-8630-4ec2-ac16-4b94950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:09:02.000Z",
"modified": "2015-08-20T08:09:02.000Z",
"pattern": "[file:hashes.MD5 = 'e2ca6cca598d47dee311f06920c1efde']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:09:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58b1e-c448-4474-ba0a-496d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:09:02.000Z",
"modified": "2015-08-20T08:09:02.000Z",
"pattern": "[file:hashes.MD5 = '4e0a3498438adda8c50c3e101cfa86c5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:09:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58b1f-70a0-40c4-9bae-4d3a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:09:03.000Z",
"modified": "2015-08-20T08:09:03.000Z",
"pattern": "[file:hashes.MD5 = '3ba57784d7fd4302fe74beb648b28dc1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:09:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d58b1f-66bc-4770-b9de-4f5c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:09:03.000Z",
"modified": "2015-08-20T08:09:03.000Z",
"pattern": "[file:hashes.MD5 = 'fa1e5eec39910a34ede1c4351ccecec8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:09:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--55d58b7a-a920-48ad-953c-44f3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:10:34.000Z",
"modified": "2015-08-20T08:10:34.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_comment": "Unconfirmed group name used by Kaspersky, menioned in the kernelMode forum thread",
"x_misp_type": "text",
"x_misp_value": "Flowershop"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d595a3-cec4-476c-84b0-0ec5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:53:55.000Z",
"modified": "2015-08-20T08:53:55.000Z",
"description": "- Xchecked via VT: e2ca6cca598d47dee311f06920c1efde",
"pattern": "[file:hashes.SHA1 = '7384156ef7282c4bb6a4d0d4e9498a6a40df2377']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:53:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d595a3-8e54-4af9-9a9d-0ec5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:53:55.000Z",
"modified": "2015-08-20T08:53:55.000Z",
"description": "- Xchecked via VT: e2ca6cca598d47dee311f06920c1efde",
"pattern": "[file:hashes.SHA256 = 'dc18850d065ff6a8364421a9c8f9dd5fcce6c7567f4881466cee00e5cd0c7aa8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:53:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--55d595a3-d218-4f01-a17f-0ec5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:53:55.000Z",
"modified": "2015-08-20T08:53:55.000Z",
"first_observed": "2015-08-20T08:53:55Z",
"last_observed": "2015-08-20T08:53:55Z",
"number_observed": 1,
"object_refs": [
"url--55d595a3-d218-4f01-a17f-0ec5950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--55d595a3-d218-4f01-a17f-0ec5950d210b",
"value": "https://www.virustotal.com/file/dc18850d065ff6a8364421a9c8f9dd5fcce6c7567f4881466cee00e5cd0c7aa8/analysis/1439822856/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d595a4-a3f8-4bee-8eba-0ec5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:53:56.000Z",
"modified": "2015-08-20T08:53:56.000Z",
"description": "- Xchecked via VT: 4e0a3498438adda8c50c3e101cfa86c5",
"pattern": "[file:hashes.SHA1 = '0655670f1cb40e84ba12adb9711f001269712054']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:53:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d595a4-7768-4726-b67f-0ec5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:53:56.000Z",
"modified": "2015-08-20T08:53:56.000Z",
"description": "- Xchecked via VT: 4e0a3498438adda8c50c3e101cfa86c5",
"pattern": "[file:hashes.SHA256 = 'ec41b029c3ff4147b6a5252cb8b659f851f4538d4af0a574f7e16bc1cd14a300']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:53:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--55d595a4-32b0-4d21-98e5-0ec5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:53:56.000Z",
"modified": "2015-08-20T08:53:56.000Z",
"first_observed": "2015-08-20T08:53:56Z",
"last_observed": "2015-08-20T08:53:56Z",
"number_observed": 1,
"object_refs": [
"url--55d595a4-32b0-4d21-98e5-0ec5950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--55d595a4-32b0-4d21-98e5-0ec5950d210b",
"value": "https://www.virustotal.com/file/ec41b029c3ff4147b6a5252cb8b659f851f4538d4af0a574f7e16bc1cd14a300/analysis/1439558789/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d595a4-c2f0-434c-8c47-0ec5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:53:56.000Z",
"modified": "2015-08-20T08:53:56.000Z",
"description": "- Xchecked via VT: fa1e5eec39910a34ede1c4351ccecec8",
"pattern": "[file:hashes.SHA1 = 'ca3c5872080ec86a041b2b887caec9f28ba7b884']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:53:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d595a4-eaa0-4fe5-ad8b-0ec5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:53:56.000Z",
"modified": "2015-08-20T08:53:56.000Z",
"description": "- Xchecked via VT: fa1e5eec39910a34ede1c4351ccecec8",
"pattern": "[file:hashes.SHA256 = 'c074aeef97ce81e8c68b7376b124546cabf40e2cd3aff1719d9daa6c3f780532']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:53:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--55d595a5-782c-46d7-a9bf-0ec5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:53:57.000Z",
"modified": "2015-08-20T08:53:57.000Z",
"first_observed": "2015-08-20T08:53:57Z",
"last_observed": "2015-08-20T08:53:57Z",
"number_observed": 1,
"object_refs": [
"url--55d595a5-782c-46d7-a9bf-0ec5950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--55d595a5-782c-46d7-a9bf-0ec5950d210b",
"value": "https://www.virustotal.com/file/c074aeef97ce81e8c68b7376b124546cabf40e2cd3aff1719d9daa6c3f780532/analysis/1440038879/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d595a5-e170-464e-8929-0ec5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:53:57.000Z",
"modified": "2015-08-20T08:53:57.000Z",
"description": "- Xchecked via VT: 3ba57784d7fd4302fe74beb648b28dc1",
"pattern": "[file:hashes.SHA1 = '648a62d74ab1076e66a7a70f0899b8093eca2b01']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:53:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d595a5-6f24-4901-bcf3-0ec5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:53:57.000Z",
"modified": "2015-08-20T08:53:57.000Z",
"description": "- Xchecked via VT: 3ba57784d7fd4302fe74beb648b28dc1",
"pattern": "[file:hashes.SHA256 = '32159d2a16397823bc882ddd3cd77ecdbabe0fde934e62f297b8ff4d7b89832a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:53:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--55d595a5-a7f8-4e72-8fcd-0ec5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:53:57.000Z",
"modified": "2015-08-20T08:53:57.000Z",
"first_observed": "2015-08-20T08:53:57Z",
"last_observed": "2015-08-20T08:53:57Z",
"number_observed": 1,
"object_refs": [
"url--55d595a5-a7f8-4e72-8fcd-0ec5950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--55d595a5-a7f8-4e72-8fcd-0ec5950d210b",
"value": "https://www.virustotal.com/file/32159d2a16397823bc882ddd3cd77ecdbabe0fde934e62f297b8ff4d7b89832a/analysis/1439460874/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d595a5-aef8-436f-b9f4-0ec5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:53:57.000Z",
"modified": "2015-08-20T08:53:57.000Z",
"description": "- Xchecked via VT: 63735d555f219765d486b3d253e39bd316bbcb1c0ec595ea45ddf6e419bef3cb",
"pattern": "[file:hashes.MD5 = '7b0e7297d5157586f4075098be9efc8c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:53:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55d595a6-f3f0-4163-9e01-0ec5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:53:58.000Z",
"modified": "2015-08-20T08:53:58.000Z",
"description": "- Xchecked via VT: 63735d555f219765d486b3d253e39bd316bbcb1c0ec595ea45ddf6e419bef3cb",
"pattern": "[file:hashes.SHA1 = '421156c4858878ef8beeadf54c4549095445b682']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-20T08:53:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--55d595a6-f484-4119-84b7-0ec5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-20T08:53:58.000Z",
"modified": "2015-08-20T08:53:58.000Z",
"first_observed": "2015-08-20T08:53:58Z",
"last_observed": "2015-08-20T08:53:58Z",
"number_observed": 1,
"object_refs": [
"url--55d595a6-f484-4119-84b7-0ec5950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--55d595a6-f484-4119-84b7-0ec5950d210b",
"value": "https://www.virustotal.com/file/63735d555f219765d486b3d253e39bd316bbcb1c0ec595ea45ddf6e419bef3cb/analysis/1439461052/"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue Copy permalink