misp-circl-feed/feeds/circl/stix-2.1/56f93f55-e6d0-45c9-8109-74ad02de0b81.json

848 lines
34 KiB
JSON
Raw Permalink Normal View History

2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--56f93f55-e6d0-45c9-8109-74ad02de0b81",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:29:32.000Z",
"modified": "2016-03-28T14:29:32.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--56f93f55-e6d0-45c9-8109-74ad02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:29:32.000Z",
"modified": "2016-03-28T14:29:32.000Z",
"name": "Locky of the day (20160328) - affid=3",
"published": "2016-03-29T13:21:29Z",
"object_refs": [
"indicator--56f93f71-1e1c-4f57-974a-3f2b02de0b81",
"indicator--56f93f7b-edc4-4d27-bd7c-3f2c02de0b81",
"indicator--56f93f7b-44ac-4975-84f3-3f2c02de0b81",
"observed-data--56f93f7b-2fa0-4325-aa27-3f2c02de0b81",
"url--56f93f7b-2fa0-4325-aa27-3f2c02de0b81",
"indicator--56f93f91-ad50-4798-90bc-3f2702de0b81",
"indicator--56f93f91-e500-4b6f-967b-3f2702de0b81",
"indicator--56f93f91-4e5c-4bfd-8669-3f2702de0b81",
"indicator--56f93f92-db3c-4944-be9f-3f2702de0b81",
"indicator--56f93f92-3bc0-40a4-98e3-3f2702de0b81",
"indicator--56f93f92-cc08-4a78-a453-3f2702de0b81",
"indicator--56f93fb3-7fc0-429c-aa4a-3f5d02de0b81",
"indicator--56f93fcc-4c84-46a6-9079-3f2f02de0b81",
"indicator--56f93fcd-ad84-461c-80b2-3f2f02de0b81",
"indicator--56f93fcd-d728-410b-b440-3f2f02de0b81",
"indicator--56f93fcd-6f38-4be3-9645-3f2f02de0b81",
"indicator--56f93fce-b880-4a0e-8755-3f2f02de0b81",
"indicator--56f93fce-84d4-4104-a05f-3f2f02de0b81",
"indicator--56f93fce-a728-4eca-9081-3f2f02de0b81",
"indicator--56f93fcf-beac-4828-a54d-3f2f02de0b81",
"indicator--56f93fcf-afe8-4514-8bf4-3f2f02de0b81",
"indicator--56f93fcf-f130-485e-886d-3f2f02de0b81",
"indicator--56f93fcf-0b84-4b10-a9ea-3f2f02de0b81",
"indicator--56fa6e79-f934-4337-8091-43d4950d210f",
"indicator--56fa6e7a-22b4-4a5e-a88b-42c4950d210f",
"indicator--56fa6e7a-6234-4245-aded-4f2f950d210f",
"indicator--56fa6e7a-e6dc-47de-bba3-41be950d210f",
"indicator--56fa6e7b-f358-4891-9f38-4253950d210f",
"indicator--56fa6e7b-ed70-4c4c-903f-49ac950d210f",
"indicator--56fa6e7b-86bc-4b96-bf6c-4616950d210f",
"indicator--56fa6e7b-5fd4-4a72-9b79-481b950d210f",
"indicator--56fa6e7c-89c4-4b7c-9350-4509950d210f",
"indicator--56fa6e7c-d424-41c5-bbf4-446a950d210f",
"indicator--56fa6e7c-e9b0-4beb-a611-412b950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT"
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93f71-1e1c-4f57-974a-3f2b02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:28:01.000Z",
"modified": "2016-03-28T14:28:01.000Z",
"pattern": "[file:hashes.SHA256 = '61894322c327ef2cbead173387a955db7e0dfa0ae7799bbe9608b15c78964d7e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:28:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93f7b-edc4-4d27-bd7c-3f2c02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:28:11.000Z",
"modified": "2016-03-28T14:28:11.000Z",
"description": "- Xchecked via VT: 61894322c327ef2cbead173387a955db7e0dfa0ae7799bbe9608b15c78964d7e",
"pattern": "[file:hashes.SHA1 = '76f27ed591f0270e73dbb0853e71f80a5b32218e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:28:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93f7b-44ac-4975-84f3-3f2c02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:28:11.000Z",
"modified": "2016-03-28T14:28:11.000Z",
"description": "- Xchecked via VT: 61894322c327ef2cbead173387a955db7e0dfa0ae7799bbe9608b15c78964d7e",
"pattern": "[file:hashes.MD5 = '1f1e3688f85070dd1e9a766d03b6817e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:28:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56f93f7b-2fa0-4325-aa27-3f2c02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:28:11.000Z",
"modified": "2016-03-28T14:28:11.000Z",
"first_observed": "2016-03-28T14:28:11Z",
"last_observed": "2016-03-28T14:28:11Z",
"number_observed": 1,
"object_refs": [
"url--56f93f7b-2fa0-4325-aa27-3f2c02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56f93f7b-2fa0-4325-aa27-3f2c02de0b81",
"value": "https://www.virustotal.com/file/61894322c327ef2cbead173387a955db7e0dfa0ae7799bbe9608b15c78964d7e/analysis/1459171638/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93f91-ad50-4798-90bc-3f2702de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:28:33.000Z",
"modified": "2016-03-28T14:28:33.000Z",
"description": "C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.63.87.134']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:28:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93f91-e500-4b6f-967b-3f2702de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:28:33.000Z",
"modified": "2016-03-28T14:28:33.000Z",
"description": "C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.31.47.100']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:28:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93f91-4e5c-4bfd-8669-3f2702de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:28:33.000Z",
"modified": "2016-03-28T14:28:33.000Z",
"description": "C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.117.72.94']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:28:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93f92-db3c-4944-be9f-3f2702de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:28:34.000Z",
"modified": "2016-03-28T14:28:34.000Z",
"description": "C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '84.19.170.249']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:28:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93f92-3bc0-40a4-98e3-3f2702de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:28:34.000Z",
"modified": "2016-03-28T14:28:34.000Z",
"description": "C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '83.217.8.127']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:28:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93f92-cc08-4a78-a453-3f2702de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:28:34.000Z",
"modified": "2016-03-28T14:28:34.000Z",
"description": "C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.200.14.73']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:28:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93fb3-7fc0-429c-aa4a-3f5d02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:29:19.000Z",
"modified": "2016-03-28T14:29:19.000Z",
"pattern": "[url:value = 'http://comprecaldas.com/js/765f46vb.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:29:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93fcc-4c84-46a6-9079-3f2f02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:29:32.000Z",
"modified": "2016-03-28T14:29:32.000Z",
"pattern": "[url:value = 'http://comprecaldas.com/js/765f46vb.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:29:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93fcd-ad84-461c-80b2-3f2f02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:29:33.000Z",
"modified": "2016-03-28T14:29:33.000Z",
"pattern": "[url:value = 'http://distrazur.com/765f46vb.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:29:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93fcd-d728-410b-b440-3f2f02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:29:33.000Z",
"modified": "2016-03-28T14:29:33.000Z",
"pattern": "[url:value = 'http://dragonex.com/765f46vb.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:29:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93fcd-6f38-4be3-9645-3f2f02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:29:33.000Z",
"modified": "2016-03-28T14:29:33.000Z",
"pattern": "[url:value = 'http://homedesire.co.uk/765f46vb.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:29:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93fce-b880-4a0e-8755-3f2f02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:29:34.000Z",
"modified": "2016-03-28T14:29:34.000Z",
"pattern": "[url:value = 'http://lascelta.com/765f46vb.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:29:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93fce-84d4-4104-a05f-3f2f02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:29:34.000Z",
"modified": "2016-03-28T14:29:34.000Z",
"pattern": "[url:value = 'http://orkneyhampers.co.uk/765f46vb.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:29:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93fce-a728-4eca-9081-3f2f02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:29:34.000Z",
"modified": "2016-03-28T14:29:34.000Z",
"pattern": "[url:value = 'http://pockettypewriter.co.uk/765f46vb.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:29:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93fcf-beac-4828-a54d-3f2f02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:29:35.000Z",
"modified": "2016-03-28T14:29:35.000Z",
"pattern": "[url:value = 'http://sandbox.bottlestore.com/765f46vb.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:29:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93fcf-afe8-4514-8bf4-3f2f02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:29:35.000Z",
"modified": "2016-03-28T14:29:35.000Z",
"pattern": "[url:value = 'http://scorpena.com/765f46vb.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:29:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93fcf-f130-485e-886d-3f2f02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:29:35.000Z",
"modified": "2016-03-28T14:29:35.000Z",
"pattern": "[url:value = 'http://store.brugomug.co.uk/765f46vb.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:29:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56f93fcf-0b84-4b10-a9ea-3f2f02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-28T14:29:35.000Z",
"modified": "2016-03-28T14:29:35.000Z",
"pattern": "[url:value = 'http://wholesale.undercovermama.com/765f46vb.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-28T14:29:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56fa6e79-f934-4337-8091-43d4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-29T12:00:57.000Z",
"modified": "2016-03-29T12:00:57.000Z",
"pattern": "[domain-name:value = 'comprecaldas.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-29T12:00:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56fa6e7a-22b4-4a5e-a88b-42c4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-29T12:00:58.000Z",
"modified": "2016-03-29T12:00:58.000Z",
"pattern": "[domain-name:value = 'distrazur.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-29T12:00:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56fa6e7a-6234-4245-aded-4f2f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-29T12:00:58.000Z",
"modified": "2016-03-29T12:00:58.000Z",
"pattern": "[domain-name:value = 'homedesire.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-29T12:00:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56fa6e7a-e6dc-47de-bba3-41be950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-29T12:00:58.000Z",
"modified": "2016-03-29T12:00:58.000Z",
"pattern": "[domain-name:value = 'dragonex.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-29T12:00:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56fa6e7b-f358-4891-9f38-4253950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-29T12:00:59.000Z",
"modified": "2016-03-29T12:00:59.000Z",
"pattern": "[domain-name:value = 'orkneyhampers.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-29T12:00:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56fa6e7b-ed70-4c4c-903f-49ac950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-29T12:00:59.000Z",
"modified": "2016-03-29T12:00:59.000Z",
"pattern": "[domain-name:value = 'lascelta.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-29T12:00:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56fa6e7b-86bc-4b96-bf6c-4616950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-29T12:00:59.000Z",
"modified": "2016-03-29T12:00:59.000Z",
"pattern": "[domain-name:value = 'wholesale.undercovermama.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-29T12:00:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56fa6e7b-5fd4-4a72-9b79-481b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-29T12:00:59.000Z",
"modified": "2016-03-29T12:00:59.000Z",
"pattern": "[domain-name:value = 'pockettypewriter.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-29T12:00:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56fa6e7c-89c4-4b7c-9350-4509950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-29T12:01:00.000Z",
"modified": "2016-03-29T12:01:00.000Z",
"pattern": "[domain-name:value = 'scorpena.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-29T12:01:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56fa6e7c-d424-41c5-bbf4-446a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-29T12:01:00.000Z",
"modified": "2016-03-29T12:01:00.000Z",
"pattern": "[domain-name:value = 'sandbox.bottlestore.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-29T12:01:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56fa6e7c-e9b0-4beb-a611-412b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-29T12:01:00.000Z",
"modified": "2016-03-29T12:01:00.000Z",
"pattern": "[domain-name:value = 'store.brugomug.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-29T12:01:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}