misp-circl-feed/feeds/circl/stix-2.1/5705186a-a7f0-4309-89be-5094950d210f.json

870 lines
253 KiB
JSON
Raw Permalink Normal View History

2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--5705186a-a7f0-4309-89be-5094950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:50:03.000Z",
"modified": "2016-04-06T14:50:03.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5705186a-a7f0-4309-89be-5094950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:50:03.000Z",
"modified": "2016-04-06T14:50:03.000Z",
"name": "Dridex (2016-04-06) - botnet 122",
"published": "2016-04-06T14:51:56Z",
"object_refs": [
"indicator--570518bf-a8ac-42a0-ad4d-711d950d210f",
"indicator--570518c0-de54-450f-9795-711d950d210f",
"indicator--570518c0-afb4-424d-9690-711d950d210f",
"indicator--570518c0-a970-40de-aed5-711d950d210f",
"indicator--570518c1-0858-4c5a-a7fe-711d950d210f",
"indicator--570518c1-786c-401e-bb67-711d950d210f",
"indicator--570518c1-0528-40df-9ee2-711d950d210f",
"indicator--570518c2-f1c8-4135-82db-711d950d210f",
"indicator--570518c2-a904-4909-b873-711d950d210f",
"indicator--570518c2-b6ac-4909-a093-711d950d210f",
"indicator--570518c3-e3fc-4d77-bec7-711d950d210f",
"indicator--570518c3-f50c-44e5-9a04-711d950d210f",
"indicator--570518c3-292c-4425-88ff-711d950d210f",
"indicator--570518c3-e0f0-4082-8e0c-711d950d210f",
"indicator--570518c4-a97c-4dd9-a8cd-711d950d210f",
"indicator--570518c4-ba4c-4360-a8c3-711d950d210f",
"indicator--570518c4-388c-4557-9b67-711d950d210f",
"indicator--570518c5-b7e8-4e2e-a801-711d950d210f",
"indicator--570518c5-68fc-4362-8c6b-711d950d210f",
"indicator--570518c5-7dc8-4b8e-a873-711d950d210f",
"indicator--570518c6-4740-4e29-8443-711d950d210f",
"indicator--570518c6-e934-4fb5-8a8c-711d950d210f",
"indicator--570518c6-dc68-4fcb-8a49-711d950d210f",
"indicator--570518c7-deb0-44e3-aa73-711d950d210f",
"indicator--570518c7-c3c0-4b60-9c02-711d950d210f",
"indicator--5705190d-4650-43e4-b757-506a950d210f",
"indicator--5705190d-533c-4911-8f86-506a950d210f",
"indicator--5705190e-57f0-4e76-b06a-506a950d210f",
"indicator--5705190e-a394-43ac-a0f5-506a950d210f",
"indicator--5705190f-a5bc-40ab-8936-506a950d210f",
"indicator--57051910-c938-4ec5-ba8b-506a950d210f",
"observed-data--5705221c-a7a8-4187-aed5-ec2a02de0b81",
"url--5705221c-a7a8-4187-aed5-ec2a02de0b81",
"observed-data--5705221c-fea0-4be0-b674-ec2a02de0b81",
"url--5705221c-fea0-4be0-b674-ec2a02de0b81"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"circl:incident-classification=\"malware\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518bf-a8ac-42a0-ad4d-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:07.000Z",
"modified": "2016-04-06T14:10:07.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://shop.bleutree.biz/tablets/galaxytab3.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c0-de54-450f-9795-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:08.000Z",
"modified": "2016-04-06T14:10:08.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'shop.bleutree.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c0-afb4-424d-9690-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:08.000Z",
"modified": "2016-04-06T14:10:08.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.148.99.90']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c0-a970-40de-aed5-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:08.000Z",
"modified": "2016-04-06T14:10:08.000Z",
"description": "On port 4043",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.245.92.63']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c1-0858-4c5a-a7fe-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:09.000Z",
"modified": "2016-04-06T14:10:09.000Z",
"description": "On port 448",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.70.242.41']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c1-786c-401e-bb67-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:09.000Z",
"modified": "2016-04-06T14:10:09.000Z",
"description": "On port 2443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.33.167.120']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c1-0528-40df-9ee2-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:09.000Z",
"modified": "2016-04-06T14:10:09.000Z",
"description": "On port 1943",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.169.147.88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c2-f1c8-4135-82db-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:10.000Z",
"modified": "2016-04-06T14:10:10.000Z",
"description": "On port 8443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '2.96.248.216']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c2-a904-4909-b873-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:10.000Z",
"modified": "2016-04-06T14:10:10.000Z",
"description": "On port 8443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.8.45.38']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c2-b6ac-4909-a093-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:10.000Z",
"modified": "2016-04-06T14:10:10.000Z",
"description": "On port 8443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '142.166.241.182']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c3-e3fc-4d77-bec7-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:11.000Z",
"modified": "2016-04-06T14:10:11.000Z",
"description": "On port 8443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '93.174.126.37']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c3-f50c-44e5-9a04-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:11.000Z",
"modified": "2016-04-06T14:10:11.000Z",
"description": "On port 8443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.0.175.169']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c3-292c-4425-88ff-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:11.000Z",
"modified": "2016-04-06T14:10:11.000Z",
"description": "On port 8443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.194.159.78']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c3-e0f0-4082-8e0c-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:11.000Z",
"modified": "2016-04-06T14:10:11.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '155.133.82.61']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c4-a97c-4dd9-a8cd-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:12.000Z",
"modified": "2016-04-06T14:10:12.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '197.96.139.253']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c4-ba4c-4360-a8c3-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:12.000Z",
"modified": "2016-04-06T14:10:12.000Z",
"description": "On port 8443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.249.199.217']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c4-388c-4557-9b67-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:12.000Z",
"modified": "2016-04-06T14:10:12.000Z",
"description": "On port 443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '222.255.121.202']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c5-b7e8-4e2e-a801-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:13.000Z",
"modified": "2016-04-06T14:10:13.000Z",
"description": "On port 8443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.246.2.106']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c5-68fc-4362-8c6b-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:13.000Z",
"modified": "2016-04-06T14:10:13.000Z",
"description": "On port 8443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.190.2.168']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c5-7dc8-4b8e-a873-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:13.000Z",
"modified": "2016-04-06T14:10:13.000Z",
"description": "On port 8443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '179.51.25.160']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c6-4740-4e29-8443-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:14.000Z",
"modified": "2016-04-06T14:10:14.000Z",
"description": "On port 8443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '50.96.12.201']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c6-e934-4fb5-8a8c-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:14.000Z",
"modified": "2016-04-06T14:10:14.000Z",
"description": "On port 8443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.117.41.155']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c6-dc68-4fcb-8a49-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:14.000Z",
"modified": "2016-04-06T14:10:14.000Z",
"description": "On port 8443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.35.198.188']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c7-deb0-44e3-aa73-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:15.000Z",
"modified": "2016-04-06T14:10:15.000Z",
"description": "On port 8443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '24.204.49.244']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--570518c7-c3c0-4b60-9c02-711d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:10:15.000Z",
"modified": "2016-04-06T14:10:15.000Z",
"description": "On port 8443",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '71.9.39.36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:10:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5705190d-4650-43e4-b757-506a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:11:57.000Z",
"modified": "2016-04-06T14:11:57.000Z",
"description": "PE32",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAGxxhkhQvSJNl0wCAAAwAwAgABwANzFiM2QyZmZkYmYxNjI0MzRjYzZiM2RhYWIzZjI5YjlVVAkAAwwZBVcMGQVXdXgLAAEEIQAAAAQhAAAAKLo5CNTee8KFA3kBZ2LJ7YOgLa5lqvEe3t4RAXkQ+LVTntEr6gq6prxSuYOg85Ei3GGMXLBvbHh7b0JKlQ5liBwvIiAK3lewxCHYfG/CvFrzS90hKmrqqM6YtXHuqkGQuS0f68EluCISn3nsujK/Jda+yLJmwf2lGyyjsYnIuYc+Bd2MI7rOSQFh/PkTxqm4X8jEVlEdvrPg/i0rIKkkNT0LXIO0sFjWE9YnDXJebsb/GAiBJD60vgJKZUquzjiGxQBqBx5iIqlxi4jqXIgtXqFcNiExjCTo4U/40NX9DBx7IvjntNnq7sr7k+KynKSSkPVJbt6LuufvBP0t4AKVpWmhWEKeKy3M55rwEoQwHX0RNuBf0M2Rbwlx48CYUAWTFcf2t4Kv99NXuQJfHGLwFcsYw2jVDwX/J15GPY7fQlLNxILa3+7eX/ZLjdVSlhdiGfSeVtZ2E05ayaAaWlWKIETJCosX2d2nNEECa3DXeepivVYaJBuzUy5N5I/cEMBBKqzIMl+LZs0V0V3NJy0J6TZJZrUDl0c408Mvm16Tp16aN4w7FOXwW3K0KOSn7oc0osVjG4w78etmdp/J5y4Qz3eBYE+grhpOhzhcyU3VvbtPQbPOIlu1L8Qnms2L2smcpMvZZcrM5l54crr2HbNpdd9yyuuAnd/ioaRwdJfrOJjns5XDzce1MftowDGyGht1hby2XLgLGlDZQCX+aTTa90gwYzyraaAbc4AZ9mqAp2LvEfl3Rqb91Q72z+rhsEA2ax7F/0Qqj5WvCSBMhNYIlDnpglQNEAbL93Hnd+yxzC5V+DjEAKl1jRMeNZ8Wgl0rIRBf7GPrmM79IcDd/CMJjFIraVrqSQePMNebYAoLfZz3XJHezgbYYw5LtY3FQ9cV/jhiZ9VYePVLImdZlbniACQwVNZGccghfDQ24lUKTQZYPY6zjr3nqLHAHzIWkoRPt2yAyKXyJqLck5auxiOVw983ZDd0dlUH7eElQXR6eFlsZvljfqrDUh/cT3JNlXs7BlLHPw0l6P6bSG6GlFIYWQtnbX/c4ofb5YknwBhDfiXUEm60DNtMtwJmjC/HC9f7j0PNkZh8jS4mvnILvakchVFXIrEncHrZrjKS8oO9NnIXSFD7y+eRYDj2j+c95jpsWJzBh3gqN78gNt12VXds0RXX8ymqbV0YiOJ1cmPAUxB8Hs/toWRTq+tji+hWVh6I8F+41MmrioUgrJqzeemY+vEwD40W30ifiWQafjfH/JQ0Qw6LX4LVCGXDCEkIFtrjB40siksWM0fSAXlvNtCJEZJ+noloEN+JrDuK9spvwrsJQocEvr5FME1KFWt8Zot49eOPA8QIiJXHvSwdu8Tmkq1ewUzMi7F4Ofdi6nyCCpESLOk5XOcEZ7AQFU8rBfLOkVDK82byBJtKXtBSMv6otXQNaP3yQHJi1FLX2+GvH+YVT9zCdItK2fsQu9GDE/K+QAuKnDfGP+/a6FXGot2ZMksw69KRBu8+SflkgQcxyuPU/U04P/Ngix5PaqO+E5k6Kg4NBvbAhPKInUEUV3HTuZxbNE5PYb8mWoH04hW4mHtJKoFlYCn7007EUscrlgIwYya2NurDvi4UnpLAxhaa3bjTKbO2kyaFqifkD2SrxidHJpjbmrfZs8s+V+3P6+RXFATvN9tgC5JQM9xxUfwhUwsRygU24gA6/iaknwkcxkQFqrM4xzWc5XmqBEio9ReuV0A3sQzs3M02+ZzTnlg86iIwSKLh4gOKKhp8o3nzzAYsVByo7QaScPIBAkcSMocc/aQbhiQD8jP2vyLqfoHEyrHJhKQvJiCJ4yQON2aWxs82NEFqH+z0TWoCopmXyxIoq/y2PbON4eURkfrsKrJIJ13Dn1gCaxaX8YO5GPlhA4v2s775LYKLBO1D3pKMpuuyEWHx11Q6mU5NpO1ftYjd6W08cbPjoAbQluzpdavrH6OaVxq9GBMz4mjSqC0AN0KHKVfedDrsoYu9Bq5SpmxyT6h4Mh3e3TgDRG8Qw7kLx+VYg+3Bb3BiOs4Kbhkz/tOHkYF3c6vpKkxmLShEdd0Fh3HGQ9l58WWbExOtc7YnTuSXQw4LBrTgiPP4OL+xo0GBjqhdOgr8HEzS7ZFZXyholSpCYpOjZ9giI60/QbDjVan230x3K5XMcuuEOQs/0ANRucxHILQC/TmX4HjV1ctRkDcQJNyP02sv7XL78KLsOEF4HdmRFs4DLLozbMSgUJuJMATOOvZT7tNmnhJvGgbcH0/FVt9JY/I40HNBQ/pWapZt8BFuONYRRCNPfxZab786XdXKjG5IwxXcWbPCCT/uJCDQqhBrdvsUFkhf5HIBg650UPqAJIV4j6zRb1IiM3icGhVGhQQyoOI4KbR4weS6RP6UUrZk1aFedY9WnMXTvUusQO6HebsnAZaSkF13qZ3cenmT+TEHOBKyp85jQA2KUrVJXNXB/icSvx6a9MzzEw39eSj5R0G3YxI/trqQRgD+DKw2tepJSvpyMIyZKoRbxIooL2m6edEqJH81pIuq6ldwRHGtNvIragE/ij6GPFE9E/ilPI3BkRll6kQNcq2DSwIvGdv9M31qd5DwOM4M3n9R4JUzMs8MpVqbHB5T0IoUqsYAdLwNfbmDw3iHDOq3ov13WDP3vc+bdmr/UsHpPoFvamj5ubjXmAsgzuf6LOmPoG5TbPxt3Oiy937vqbRnwJUpux9weYHHtUO8+FZnSDRBKjfGSkRkCDN5wUJdGVX3UghddBgMQDPgnvvszCBr+YvyfeD+jLq7YeXQuUcLrZkSM5LndGma0PJVvHf+Yd24OeucDM4PgV2tPluCBFLPmkaeG0UY+Jitpsv/Y9KGAUiyguYsOTNRiK+ka4wDFUmHEpw8RRGE23p8+QXYVozV0XgYb7/mR3kGGxn6GuwK5CfVIO03Yf2ftd5YV9MAYztp/AGzbTcYBBTqlsjc+KXS1zhjIn6kaWuOO7vEzEdqxXrIfzCjoxXo2chOK0mnHVA1tR6GO02CzFbVlfRK+BcdapsUEaHpRTG09OdF56zj+pseZsVwD6CpqEoNnz34WAJkupQU7ADIbPxTPG4MfapboZtDcwEbBS3Div20a/YlJOajb6dzDa8iX+pXqcE+m7HaC9XUe3VTBKYcXJrK7OyYPMiZABmHAsZGmPqbGl2Q6Dpe4G2AAQ/vN07hD37z9zANt8vmK6hTfAai4/oiFWQa7fE1M1+CZnafjaKVya9vTl4zGoVaNkiLOyJ1PK3XdtxqzXE9TYdPxqW174B996Y8NKKrRi7d16b4hEUEYOxMdauy7jD1876CRIqdMyZvXtNA/2r5yGt3kX8TyFOE+w8guvBAp9GaPHuszYOmsrLPcqLFWLPrf7cBB7ftaK3ee5XoPAdjZsiiDEg/z0pJLYci+Hh7ESZ2/lsd7iOQyPrPU79oeQhaIreSTFZ2TifNtcmf4KtmPDRwX9IYB9PPZJ7RxESchO4bFne+PEpsYiBBLaT3uhehm/FLKTLNBMiY6rWwwGXuCal4zanQvQStRmfbbD1KL1szYHNosbJsioL5faRNLqtcO5pjzJNeyz99mw9Ild15XKUXmb8tO6eYFsDdMtT3jJlzTDVqSqlxsAkxXC4PXjbt5gVsRN3KMM0mfmYvCW51iH6FlNpet8GS6YA6kZI85XDfEvqDriaN2kYiov6VC6fWlHlYLK7cDr8pX4EoJqjnAsyVbldHeLdGRjxwT/wbqifMW2g99HRcJhsvEQfnD9+ojSGXx0ZC0GpuNlk6fqWm++bKgRlflBi2zKvhbUMsIrL2KvSFCggVwZQwhR6ACXGWhRpYcvpPYgRpO7dMFNz7dqrayV1P7UseSM7yusTSuDyZL6XXiPDthsGCoj/vwrcMOH3Cu9EgV1lntQ9HSnRwXOEz+qNSV8
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:11:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5705190d-533c-4911-8f86-506a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:12:07.000Z",
"modified": "2016-04-06T14:12:07.000Z",
"description": "PE32",
"pattern": "[file:name = 'calc.jpg' AND file:hashes.SHA1 = 'ab8bd52bbc1dfe3099df73fafc8504f4fa5e1430']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:12:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5705190e-57f0-4e76-b06a-506a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:12:02.000Z",
"modified": "2016-04-06T14:12:02.000Z",
"description": "PE32",
"pattern": "[file:name = 'calc.jpg' AND file:hashes.SHA256 = '276de439d900d6fc8a589bad01bf71e4379c3ce0228d57ec0620542b51d2e76d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:12:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5705190e-a394-43ac-a0f5-506a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:11:26.000Z",
"modified": "2016-04-06T14:11:26.000Z",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAG1xhkiErjcRDjoAAADCAAAgABwAZjQyNzVkN2U5MThmZTVhMDM4MWUwNTk2ODE4MWE3YTZVVAkAAw4ZBVcOGQVXdXgLAAEEIQAAAAQhAAAABJARjOC7gT27NhuwGom5kP3o/WQM1kYY4r8Eoc4XJzty2JRXmoyDPbs/V3MqFZoZZL8trZvv9fMtG7SLr4+rfnj7RmlusKgoPlDwr7qElPLdWTu/lR511rERSbtecMWPvjYwhj3BFJR1Hy1qrHZvgQxgEynnilaDKFaNUDRcGUXFgZEPKrbpFPN1YTz1kYWMct1mzlP6U3K15kGo9w0clyKPgKr13rPRT/7MjZQhgRkbCdExsRWr2PcJTbwIbarR3ksAVOKTlIrMY88P0qdLRhT+8jEkkk8S9CRRpuTVDi8uTpYKelaV86hyYz+xyaV/c+z8M5W0Oja0bnzsh6RgaeeyeWtVAE6zAtYpUA6J3G6qhd+I0BKD/dHproWKzAf349sVLgT0226qCD0otFEc0H1WwT0Kc8gA4G5rcj3vy10HX1jAZD4pR0kwIqci83VMf1W5jL0EcOHYKjFE7/UaICgcH2/oibAQPlJBN+3Zkry9bmhTmTeyH4qZcksMklfynq7I7HPs9bP78AXpnGuXndjgurR0++sgxNtRPtijXSAM4jkhCdjCc3DG+x2lTGegQZqtVkHeeAs3aACVEzv1+bSRLUrDS7pgUVpBjinzOrG2mYk8G5LjP9OLk4gnpq56c9qoxGMFlN+zuvpXv220gr4FUK0KHXf8AqGpgU8cKwZuJlPSj1mXHAFVqEutIWE3/sXl0L4gp1niX2AdA3xhWD2/u+hGhK05ipBSwel1l5AqmnBXyCqNSXEmUAt9p96gDbiSpk0sH/Ct6ti8gad+kN0ITaEwAv5AfgR8AY+JErGhsMNUbfOuWBCefPaA01yNnrXFNK1vVbE9slBIu+I0vVlaQ5ECgL3IVjWm3KMU1FqIB9PIIe3UN9CYHOpeQUtlNuMfYpvoeRT9LpB7DClBPCmowNSxIsgmjT4rTxIV4q+gdExKcBzBsd4OIyJV0EbS1JewxsgMOdN/nZUkm0LndiSvh06G/WGvEUo+bALsZYEIsvJvK/LEJKRv5Ea6YXSerJdqxtoNrIaaG8VmVaPkhVfNYMvJJ+2LFvchOFebz5oj4xys62sAp6wsZsh0LxkglvUvqjJGeF33jfnYisXcNFhDRyYfQb90NSFPbl1IUr8oA/zsHkSfSmyvxFNnw8ohbD+SZrStU+v1xz5Kfg5Oe8YGq3FS7/4+18I5GBAMX+29ffEeID0jjnHvEDE3xHV0Qes4szDQH73SsU4Cxf4H1u9yNwY0l0u0D2HzdxsY17+4Dah5ot8tu7oYbdJMoknv8pvHdewWQB32gbgoB+9gEa0XMoM3fgyrj0kvxNFQStHTCvLMkJ8EMBFi54FBYmXIULERcF1tyLDPpEiecM6ve23ltXY1Qa9tzXS8LIPKWWuaJW3a45GHgfKpkDIcYS6ac3bjjxdRk1UV5OXtJlHTpUxBl8ifyYi+eUmXIo2FyB46N553nfWYXVVR/QgcKaeKfWfzebXfV7iuFfyig5eQz7UXpWrnSroqyBdYm7fwjIHSIAq7rNsYHCn1npA7+IgjpvAYfcCKCKG0GOXksKa3mmHi5/4+EyzVsJEetcGLTFlMoDtmcivfFAsxik3A251MuylY/YTVfbU+Gu4WZ7uVo5TKhaPMvUGtI6BNwoh2+gw3Xsg/o7bafiyg0Zv0E+RaxvfXaZK2QACrQqICuq1a96ldSM/ijZRWPUqklSf70jzOq2H+e3jVOxgFYA/rham0/knPH9ojU5XZTdCl8kYT7oUNIMa1o8dSRhORMqqQZ650kTdeIDMorn5wYcMng90Mj/HgbOvnTgghOV/0fFp562qregMZ9PiLtQmF+eczgPVRkY1DwxaBlGO5kY9SzY9/YShfRfyZocThKJk1l2vyiDEBadkTyjpybrjEBKLyex50LuEO5ZKSJQ9cdtLxhO3GiM0IqcwFY6xgqw2p07gi+ZG4ztbjICtylDvpiCknYUZLPiIPgho8w+K2vw+oCGeL4J7ajQNcWwMkR6pgsvqfwow7wb5puLsX9TnVhSx3J86mGrerxng+Tx/NCHVwASMvC9MpHOZ168IIzxT6HvbkSmvKsUnIUjoxMihjGamRORWdhkRWpNjhFLu+PQLiQBdN9NZyxdOsntBq9Y+fEnDxBHFlfqNs9snUdtL4aioJLDezeAirfaWl1x85hK4kLXZAoR2M96xmXUbmiqsTHdSic+nCKtFezW0oAHNVMY9EomrXi/1vlwOsXtKlSDsBPO0/ewi71Ur1Gy8xQV1n3hMVEZlXuqYcMYVQ88Nl/RNeF1FEGBKO5JTnCVruM43/S1E29rZf1jpfB0o82Mj/tkG6L6dtQatKHtHVyH1RRz+mItu1MvirtjwT+Of7enr3vWwQkwLti9hl5DPaGRwkas5bre+0IOJHPFN091Sx61MHXv1grMrPrnWeQRlwIfP6MYTcvjlFxqBVZqB8pT4Or9aihbPQ6OAWK/dy/TIaxYdu7vNd865JPcMh65Hb55PoXzQt+/JChUMIO2bzKFOzZo2AeNhypFE2v05J3Q+M6/Q/hObYdeNnbxCGg6ZdpORObMiz1MJ0tEmaVPyrJnT8UiIZz9yuRHxtj2SFUY41ixzeJSB8Ak9lODtuv31kiL83tjLMUdJEgjEClb8SWF31sA7WbTUBN1FUvJj5yP+S0X5RAWTdaAU+7KBjms/PkI9r1ExQINPe7tLzUjR/mlC+xBw62NONFjU7TCQAsLa/mFJNGNzkt1n92Xor64siIar5VDzJwBA+i6Zpzc97yCpkm9ttjZme9z74ivf8zFZaWN5mVnpPSHsNzcUfz6+tHdUF9gY5Act5v+jN9JhJQFT5ol6UPEAbhk6m6ZMJngBx9kiTx+zEeBYhtqgjMWHTEjuogDG0QdII+79Vd+jdDok8IwLa2s+IdX5ayd0KEcwquKeU5aQzSkSjCJWfgaLS6Q9zLFodDCqlPlZODHmo3BjMMmi44P/f4BteE/yfWoV6ShTFR/Rr+gYN2mvxbUl6cU5+yAsS7RNIJ+ydOHl/OF8GW9JY/uAZi1wTFdeNp+WZVcBSWLS0Q3NWwN/y988OEOaAKDC/HwP+JPi8i9mxPUnLVPsvKqE8y/xtnmxJd7erhSW+zhfxuBer3ae/tTuQWAATiJjFZUt6fTFaACkUZeyCHCIkWs7NtS86RT051WHmZZ9yc9gU7caBKFLqw80Z246xlkqGhiiAxqls+L0GyqcEenQ4gCb33eM8qXmPjbt7VkPCe3gWA48KapPtaEjKXXdz5aTxX4BNZ7IGO4b3iSH8AvHQXfXsiWmyQKlg2XgWcADiEtwYbfCu07tofjM3PuNhttCY9BiZOpXtFzgWCpvl8dUfzSXn9JrB8mZTpJzwtlXz6RxgbckgcvLTwt9UvFP+WJcFMFOAneAE6mUS2IxrH4cSsp5xTdd/DQFYayaMdnW6QMT7y+e7NN5/GspX6Qp/lksOVR5vnNbuV/8mrqpzRz21AuSg6jFqQ/u/2paMfrw+vYqYHY9W/iZaG3dmgrbr9AX8gUf4PClE9gZH51qTSN9doB8ZXuPFAn20qgFkg0yY4fwvRRqVC9x9Xi383+G7hMYYw90gGN1Ctp0yPyXJKgWWYlw5xaFX+UbG12pV9xtLa5jnSuSIIKRhXln4NK5crHone7U3SI/ipTyepY5tBkjFkmPqL+zd4zzok7XXtVCll9+VfHRVbrVIfsE7I5rpEJhf2tzJhWje1NLawj+Sb9yOoeL7JihfcS725erHaeerOUsCF3ypZu4MXxHHBL2O9/geJgiJQrxNvNz68GXA+qcI36Mv5U4C7mt+rANQKoltMQ+HKDiC9z629fqjtAN8lTwgppSOji77DkFYHoQEsVIwg6X9fwvdw+fXt+ULJMhQoic8Whufi0qjc6M87VSjA7Zv3IVura+iFe6Uhq
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:11:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5705190f-a5bc-40ab-8936-506a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:11:27.000Z",
"modified": "2016-04-06T14:11:27.000Z",
"pattern": "[file:name = 'Invoice Number 2304144 - Issue Date 02160840.rtf' AND file:hashes.SHA1 = 'db6ed6117a984eef40e726675d5d05243e91a119']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:11:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57051910-c938-4ec5-ba8b-506a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:11:28.000Z",
"modified": "2016-04-06T14:11:28.000Z",
"pattern": "[file:name = 'Invoice Number 2304144 - Issue Date 02160840.rtf' AND file:hashes.SHA256 = 'f2c14a8e8e80f37dca28e86d6796f16b37091b90a4a9dd6f471dd3dd276db232']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-06T14:11:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5705221c-a7a8-4187-aed5-ec2a02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:50:03.000Z",
"modified": "2016-04-06T14:50:03.000Z",
"first_observed": "2016-04-06T14:50:03Z",
"last_observed": "2016-04-06T14:50:03Z",
"number_observed": 1,
"object_refs": [
"url--5705221c-a7a8-4187-aed5-ec2a02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5705221c-a7a8-4187-aed5-ec2a02de0b81",
"value": "https://www.virustotal.com/file/276de439d900d6fc8a589bad01bf71e4379c3ce0228d57ec0620542b51d2e76d/analysis/1459953304/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5705221c-fea0-4be0-b674-ec2a02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-04-06T14:50:04.000Z",
"modified": "2016-04-06T14:50:04.000Z",
"first_observed": "2016-04-06T14:50:04Z",
"last_observed": "2016-04-06T14:50:04Z",
"number_observed": 1,
"object_refs": [
"url--5705221c-fea0-4be0-b674-ec2a02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5705221c-fea0-4be0-b674-ec2a02de0b81",
"value": "https://www.virustotal.com/file/f2c14a8e8e80f37dca28e86d6796f16b37091b90a4a9dd6f471dd3dd276db232/analysis/1459951183/"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}