misp-circl-feed/feeds/circl/stix-2.1/578399b0-5b4c-4ddd-b1ad-4a2d950d210f.json

2438 lines
101 KiB
JSON
Raw Permalink Normal View History

2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--578399b0-5b4c-4ddd-b1ad-4a2d950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2017-06-22T20:12:07.000Z",
"modified": "2017-06-22T20:12:07.000Z",
"name": "CthulhuSPRL.be",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--578399b0-5b4c-4ddd-b1ad-4a2d950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2017-06-22T20:12:07.000Z",
"modified": "2017-06-22T20:12:07.000Z",
"name": "What's in a server name (on APT28/Sofacy) by ThreatConnect",
"published": "2017-06-22T20:13:12Z",
"object_refs": [
"indicator--578399c7-83f4-44a6-a800-aeca950d210f",
"indicator--57839ac0-9fbc-4f20-82c5-8b14950d210f",
"indicator--57839ac0-e15c-49fa-97f0-8b14950d210f",
"indicator--57839ac1-319c-43c7-9b3c-8b14950d210f",
"indicator--57839ac1-36f0-4d31-b72b-8b14950d210f",
"indicator--57839ac2-0194-4f9f-ba67-8b14950d210f",
"indicator--57839ac2-d554-43fe-98d8-8b14950d210f",
"indicator--57839ac2-b5dc-43ec-a7f6-8b14950d210f",
"indicator--57839c16-876c-403b-b4d5-aec9950d210f",
"indicator--57839c17-33d0-45d9-8405-aec9950d210f",
"indicator--57839c17-34b0-43dc-8dc2-aec9950d210f",
"indicator--57839c18-b078-4fce-8baf-aec9950d210f",
"indicator--57839c19-90d8-422b-a076-aec9950d210f",
"indicator--57839c1a-7c40-4b49-af38-aec9950d210f",
"indicator--57839c1b-cb68-402a-90c3-aec9950d210f",
"indicator--57839c1c-988c-4a9e-8555-aec9950d210f",
"indicator--57839c1d-bf20-4866-a7f1-aec9950d210f",
"indicator--57839c1d-8dec-46de-9486-aec9950d210f",
"indicator--57839c1e-b0b8-4ddb-8046-aec9950d210f",
"indicator--57839c1f-a6ec-4ac8-b577-aec9950d210f",
"indicator--57839c20-8bb8-4db2-8055-aec9950d210f",
"indicator--57839c21-eb58-404d-b1fc-aec9950d210f",
"indicator--57839c22-4a3c-43af-9f7c-aec9950d210f",
"indicator--57839c23-fee4-49a3-a594-aec9950d210f",
"indicator--57839c24-a648-4da5-88ee-aec9950d210f",
"indicator--57839c25-ac48-4180-b00a-aec9950d210f",
"indicator--57839c26-5f30-4868-9eb5-aec9950d210f",
"indicator--57839c27-7aac-48f4-99cb-aec9950d210f",
"indicator--57839c28-9430-40a6-914f-aec9950d210f",
"indicator--57839c29-21d8-400b-8fba-aec9950d210f",
"indicator--57839c29-1f9c-4dc3-9414-aec9950d210f",
"indicator--57839c2b-e758-48a6-872e-aec9950d210f",
"indicator--57839c2b-d3c4-4052-a3d0-aec9950d210f",
"indicator--57839c2c-2d14-4b93-b4b7-aec9950d210f",
"indicator--57839c2d-c658-4d32-8a8b-aec9950d210f",
"indicator--57839c2e-bb44-4f3f-a4a9-aec9950d210f",
"indicator--57839c2f-1784-47a7-b994-aec9950d210f",
"indicator--57839c2f-84c0-4737-a4f0-aec9950d210f",
"indicator--57839c31-b0dc-44ea-93cc-aec9950d210f",
"indicator--57839c32-0abc-4ada-8ef4-aec9950d210f",
"indicator--57839c33-93f4-44e5-9527-aec9950d210f",
"indicator--57839c34-9ce8-49d6-a2fa-aec9950d210f",
"indicator--57839c35-8b84-416a-b6be-aec9950d210f",
"indicator--57839c36-bba8-4ee4-91b1-aec9950d210f",
"indicator--57839c37-11b4-43b0-8645-aec9950d210f",
"indicator--57839c38-af4c-4294-a191-aec9950d210f",
"indicator--57839c39-bec8-43af-bac0-aec9950d210f",
"indicator--57839c3a-2030-4043-be56-aec9950d210f",
"indicator--57839c3b-1df8-4dc5-92db-aec9950d210f",
"indicator--57839c3c-ce18-430e-b868-aec9950d210f",
"observed-data--57839cd6-2fe8-4f04-9c8a-b186950d210f",
"url--57839cd6-2fe8-4f04-9c8a-b186950d210f",
"x-misp-attribute--57839ee3-a364-4550-9604-8b14950d210f",
"x-misp-attribute--57839ee4-63c8-43ae-9db9-8b14950d210f",
"x-misp-attribute--57839ee4-ab40-4f1d-a5c1-8b14950d210f",
"x-misp-attribute--57839ee5-5e1c-41ca-9b2e-8b14950d210f",
"x-misp-attribute--57839ee5-a9e8-412c-9512-8b14950d210f",
"x-misp-attribute--57839ee5-2d88-4d92-ac16-8b14950d210f",
"x-misp-attribute--57839ee6-b114-4db1-84d4-8b14950d210f",
"x-misp-attribute--57839ee6-c990-41fc-ae50-8b14950d210f",
"x-misp-attribute--57839ee7-e438-4a35-984f-8b14950d210f",
"x-misp-attribute--57839ee7-0ea4-43b9-a65f-8b14950d210f",
"x-misp-attribute--57839ee7-c6c0-441a-b1e3-8b14950d210f",
"x-misp-attribute--57839ee8-0278-4fee-81da-8b14950d210f",
"x-misp-attribute--57839ee8-8c08-4f0a-ab3e-8b14950d210f",
"x-misp-attribute--57839ee9-f7e8-42c8-9184-8b14950d210f",
"x-misp-attribute--57839ee9-4ad4-43a2-a76a-8b14950d210f",
"x-misp-attribute--57839eea-e328-4f77-a090-8b14950d210f",
"x-misp-attribute--57839eea-1834-4eb4-9a8a-8b14950d210f",
"x-misp-attribute--57839eeb-99d4-4918-be6e-8b14950d210f",
"x-misp-attribute--57839eeb-340c-4003-8a48-8b14950d210f",
"x-misp-attribute--57839eec-bb24-40c3-ace6-8b14950d210f",
"x-misp-attribute--57839eec-08c4-453f-91ca-8b14950d210f",
"x-misp-attribute--57839eed-bf74-4b73-9f07-8b14950d210f",
"x-misp-attribute--57839eed-4bc0-4e40-826b-8b14950d210f",
"x-misp-attribute--57839eee-2480-4137-9e07-8b14950d210f",
"x-misp-attribute--57839eee-426c-4f54-89bd-8b14950d210f",
"x-misp-attribute--57839eef-0c64-4cfd-881d-8b14950d210f",
"x-misp-attribute--57839eef-e768-4bd2-8722-8b14950d210f",
"x-misp-attribute--57839eef-e688-44c2-8ce6-8b14950d210f",
"x-misp-attribute--57839eef-28ac-4259-804f-8b14950d210f",
"x-misp-attribute--57839eef-0ec4-4728-b446-8b14950d210f",
"x-misp-attribute--57839ef0-e4f0-46e0-94d9-8b14950d210f",
"x-misp-attribute--57839ef0-c0e0-4c95-afee-8b14950d210f",
"x-misp-attribute--57839ef0-7c88-4c81-b84f-8b14950d210f",
"x-misp-attribute--57839ef0-58bc-424c-abca-8b14950d210f",
"x-misp-attribute--57839ef0-6b18-4afe-a302-8b14950d210f",
"x-misp-attribute--57839ef1-bf14-4468-ab8c-8b14950d210f",
"x-misp-attribute--57839ef1-4e14-46ac-931f-8b14950d210f",
"x-misp-attribute--57839ef1-4bbc-46f8-a200-8b14950d210f",
"x-misp-attribute--57839ef1-07dc-4c81-b1f2-8b14950d210f",
"x-misp-attribute--57839ef1-cce0-46e8-9a8b-8b14950d210f",
"x-misp-attribute--57839ef2-b0cc-49f5-bf83-8b14950d210f",
"x-misp-attribute--57839f1b-a1d8-41fb-a191-421d950d210f",
"x-misp-attribute--57839f1b-63fc-4c5b-ad71-4436950d210f",
"x-misp-attribute--57839f1c-031c-4582-aa4c-4009950d210f",
"x-misp-attribute--57839f1c-342c-436b-be17-42b2950d210f",
"indicator--57839f90-f914-4427-9b0b-c1f5950d210f",
"indicator--57839f90-7ad0-4667-99fc-c1f5950d210f",
"indicator--57839fcd-55c4-4920-9a6a-c1f3950d210f",
"observed-data--57839fcd-083c-4bc9-85a2-c1f3950d210f",
"domain-name--57839fcd-083c-4bc9-85a2-c1f3950d210f",
"observed-data--57839fce-c338-440f-9ec6-c1f3950d210f",
"domain-name--57839fce-c338-440f-9ec6-c1f3950d210f",
"indicator--57839fce-4568-4c45-a556-c1f3950d210f",
"indicator--57839fcf-e7d8-4f36-934a-c1f3950d210f",
"indicator--57839fcf-8704-44a1-8383-c1f3950d210f",
"indicator--57839fd0-9d34-4d45-8d3b-c1f3950d210f",
"observed-data--57839fd0-65c8-4304-a029-c1f3950d210f",
"domain-name--57839fd0-65c8-4304-a029-c1f3950d210f",
"indicator--57839fd0-85ec-4a92-8c4b-c1f3950d210f",
"indicator--57839fd1-988c-42c1-9a57-c1f3950d210f",
"indicator--57839fd1-f574-43ee-947a-c1f3950d210f",
"observed-data--57839fd2-3ad0-4b53-aa5d-c1f3950d210f",
"domain-name--57839fd2-3ad0-4b53-aa5d-c1f3950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"OSINT",
"Threat:Sofacy/APT28",
"misp-galaxy:threat-actor=\"Sofacy\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--578399c7-83f4-44a6-a800-aeca950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:06:15.000Z",
"modified": "2016-07-11T13:06:15.000Z",
"pattern": "[domain-name:value = 'misdepatrment.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:06:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839ac0-9fbc-4f20-82c5-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:10:24.000Z",
"modified": "2016-07-11T13:10:24.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'militaryobserver.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:10:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839ac0-e15c-49fa-97f0-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:10:24.000Z",
"modified": "2016-07-11T13:10:24.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'sysprofsvc.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:10:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839ac1-319c-43c7-9b3c-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:10:25.000Z",
"modified": "2016-07-11T13:10:25.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'winsyscheck.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:10:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839ac1-36f0-4d31-b72b-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:10:25.000Z",
"modified": "2016-07-11T13:10:25.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.90.132.194']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:10:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839ac2-0194-4f9f-ba67-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:10:26.000Z",
"modified": "2016-07-11T13:10:26.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'euronews24.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:10:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839ac2-d554-43fe-98d8-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:10:26.000Z",
"modified": "2016-07-11T13:10:26.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'naoasch.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:10:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839ac2-b5dc-43ec-a7f6-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:10:26.000Z",
"modified": "2016-07-11T13:10:26.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[file:hashes.MD5 = '2045efb4da99b3af154814888be43390']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:10:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c16-876c-403b-b4d5-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:06.000Z",
"modified": "2016-07-11T13:16:06.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'adobeflashdownload.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c17-33d0-45d9-8405-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:07.000Z",
"modified": "2016-07-11T13:16:07.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'adobeflashplayer.me']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c17-34b0-43dc-8dc2-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:07.000Z",
"modified": "2016-07-11T13:16:07.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'adobeupdater.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c18-b078-4fce-8baf-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:08.000Z",
"modified": "2016-07-11T13:16:08.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'adobeupdatetechnology.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c19-90d8-422b-a076-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:09.000Z",
"modified": "2016-07-11T13:16:09.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'adoble.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c1a-7c40-4b49-af38-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:10.000Z",
"modified": "2016-07-11T13:16:10.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'pdf-online-viewer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c1b-cb68-402a-90c3-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:11.000Z",
"modified": "2016-07-11T13:16:11.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'akamaitechnologysupport.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c1c-988c-4a9e-8555-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:12.000Z",
"modified": "2016-07-11T13:16:12.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'akamaitechupdate.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c1d-bf20-4866-a7f1-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:12.000Z",
"modified": "2016-07-11T13:16:12.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'helper-akamai.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c1d-8dec-46de-9486-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:13.000Z",
"modified": "2016-07-11T13:16:13.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'cdncloudflare.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c1e-b0b8-4ddb-8046-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:14.000Z",
"modified": "2016-07-11T13:16:14.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'cloudfiare.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c1f-a6ec-4ac8-b577-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:15.000Z",
"modified": "2016-07-11T13:16:15.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'egypressoffice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c20-8bb8-4db2-8055-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:16.000Z",
"modified": "2016-07-11T13:16:16.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'access-google.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c21-eb58-404d-b1fc-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:17.000Z",
"modified": "2016-07-11T13:16:17.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'cdn-google.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c22-4a3c-43af-9f7c-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:18.000Z",
"modified": "2016-07-11T13:16:18.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'marshmallow-google.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c23-fee4-49a3-a594-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:19.000Z",
"modified": "2016-07-11T13:16:19.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'terms-google.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c24-a648-4da5-88ee-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:20.000Z",
"modified": "2016-07-11T13:16:20.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'honeyvvell.co']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c25-ac48-4180-b00a-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:21.000Z",
"modified": "2016-07-11T13:16:21.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'thehufflngtonpost.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c26-5f30-4868-9eb5-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:22.000Z",
"modified": "2016-07-11T13:16:22.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'intelintelligence.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c27-7aac-48f4-99cb-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:23.000Z",
"modified": "2016-07-11T13:16:23.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'intelsupportcenter.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c28-9430-40a6-914f-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:24.000Z",
"modified": "2016-07-11T13:16:24.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'intelsupportcenter.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c29-21d8-400b-8fba-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:25.000Z",
"modified": "2016-07-11T13:16:25.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'micoft.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c29-1f9c-4dc3-9414-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:25.000Z",
"modified": "2016-07-11T13:16:25.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'microsoft-updates.me']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c2b-e758-48a6-872e-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:27.000Z",
"modified": "2016-07-11T13:16:27.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'ms-drivadptrwin.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c2b-d3c4-4052-a3d0-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:27.000Z",
"modified": "2016-07-11T13:16:27.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'ms-sus6.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c2c-2d14-4b93-b4b7-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:28.000Z",
"modified": "2016-07-11T13:16:28.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'ms-updates.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c2d-c658-4d32-8a8b-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:29.000Z",
"modified": "2016-07-11T13:16:29.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'securesystemwin.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c2e-bb44-4f3f-a4a9-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:30.000Z",
"modified": "2016-07-11T13:16:30.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'win-wnigarden.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c2f-1784-47a7-b994-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:31.000Z",
"modified": "2016-07-11T13:16:31.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'wincodec.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c2f-84c0-4737-a4f0-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:31.000Z",
"modified": "2016-07-11T13:16:31.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'windowsnewupdated.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c31-b0dc-44ea-93cc-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:33.000Z",
"modified": "2016-07-11T13:16:33.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'winninggroup-sg.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c32-0abc-4ada-8ef4-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:34.000Z",
"modified": "2016-07-11T13:16:34.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'wm-z.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c33-93f4-44e5-9527-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:35.000Z",
"modified": "2016-07-11T13:16:35.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'wmepadtech.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c34-9ce8-49d6-a2fa-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:36.000Z",
"modified": "2016-07-11T13:16:36.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'nato-org.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c35-8b84-416a-b6be-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:37.000Z",
"modified": "2016-07-11T13:16:37.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'natoadviser.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c36-bba8-4ee4-91b1-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:38.000Z",
"modified": "2016-07-11T13:16:38.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'sec-verified.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c37-11b4-43b0-8645-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:39.000Z",
"modified": "2016-07-11T13:16:39.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'theguardiannews.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c38-af4c-4294-a191-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:40.000Z",
"modified": "2016-07-11T13:16:40.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'theguardianpress.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c39-bec8-43af-bac0-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:14.000Z",
"modified": "2016-07-11T13:28:14.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'services-gov.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:28:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c3a-2030-4043-be56-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:42.000Z",
"modified": "2016-07-11T13:16:42.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'goaarmy.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c3b-1df8-4dc5-92db-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:43.000Z",
"modified": "2016-07-11T13:16:43.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'govsh.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839c3c-ce18-430e-b868-aec9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:16:44.000Z",
"modified": "2016-07-11T13:16:44.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'wsjworld.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:16:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--57839cd6-2fe8-4f04-9c8a-b186950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:19:18.000Z",
"modified": "2016-07-11T13:19:18.000Z",
"first_observed": "2016-07-11T13:19:18Z",
"last_observed": "2016-07-11T13:19:18Z",
"number_observed": 1,
"object_refs": [
"url--57839cd6-2fe8-4f04-9c8a-b186950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--57839cd6-2fe8-4f04-9c8a-b186950d210f",
"value": "https://threatconnect.com/whats-in-a-name-server/"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ee3-a364-4550-9604-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:03.000Z",
"modified": "2016-07-11T13:28:03.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "j.wang@uymail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ee4-63c8-43ae-9db9-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:04.000Z",
"modified": "2016-07-11T13:28:04.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "play@xtcmail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ee4-ab40-4f1d-a5c1-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:04.000Z",
"modified": "2016-07-11T13:28:04.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "vrickson@mail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ee5-5e1c-41ca-9b2e-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:05.000Z",
"modified": "2016-07-11T13:28:05.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "best.cameron@mail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ee5-a9e8-412c-9512-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:05.000Z",
"modified": "2016-07-11T13:28:05.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "surleoborden@gmail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ee5-2d88-4d92-ac16-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:05.000Z",
"modified": "2016-07-11T13:28:05.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "weronika76@hotmail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ee6-b114-4db1-84d4-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:06.000Z",
"modified": "2016-07-11T13:28:06.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "josiekilbyav@aol.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ee6-c990-41fc-ae50-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:06.000Z",
"modified": "2016-07-11T13:28:06.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "bergers3008@usa.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ee7-e438-4a35-984f-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:07.000Z",
"modified": "2016-07-11T13:28:07.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "guiromolly@mail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ee7-0ea4-43b9-a65f-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:07.000Z",
"modified": "2016-07-11T13:28:07.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "loots@tuta.io"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ee7-c6c0-441a-b1e3-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:07.000Z",
"modified": "2016-07-11T13:28:07.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "mia.konzet99@ok.de"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ee8-0278-4fee-81da-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:08.000Z",
"modified": "2016-07-11T13:28:08.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "dana.raphaela@chewiemail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ee8-8c08-4f0a-ab3e-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:08.000Z",
"modified": "2016-07-11T13:28:08.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "abuse@opticaljungle.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ee9-f7e8-42c8-9184-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:09.000Z",
"modified": "2016-07-11T13:28:09.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "issacgolden@hmamail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ee9-4ad4-43a2-a76a-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:09.000Z",
"modified": "2016-07-11T13:28:09.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "gregorio.oconnor@hmamail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839eea-e328-4f77-a090-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:10.000Z",
"modified": "2016-07-11T13:28:10.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "artur.klimenkov@gmail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839eea-1834-4eb4-9a8a-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:10.000Z",
"modified": "2016-07-11T13:28:10.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "pinfiangtw@gmail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839eeb-99d4-4918-be6e-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:11.000Z",
"modified": "2016-07-11T13:28:11.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "mattew.barnes@aol.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839eeb-340c-4003-8a48-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:11.000Z",
"modified": "2016-07-11T13:28:11.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "petkrist@myself.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839eec-bb24-40c3-ace6-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:12.000Z",
"modified": "2016-07-11T13:28:12.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "fisterboks@email.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839eec-08c4-453f-91ca-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:12.000Z",
"modified": "2016-07-11T13:28:12.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "syst.soul@mail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839eed-bf74-4b73-9f07-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:13.000Z",
"modified": "2016-07-11T13:28:13.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "m8r-abrn11@mailinator.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839eed-4bc0-4e40-826b-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:13.000Z",
"modified": "2016-07-11T13:28:13.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "mr.michoverton@mail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839eee-2480-4137-9e07-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:14.000Z",
"modified": "2016-07-11T13:28:14.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "ken.tanaka@mail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839eee-426c-4f54-89bd-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:14.000Z",
"modified": "2016-07-11T13:28:14.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "sandra.rafaela@chewiemail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839eef-0c64-4cfd-881d-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:15.000Z",
"modified": "2016-07-11T13:28:15.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "bkopfer7101@mail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839eef-e768-4bd2-8722-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:15.000Z",
"modified": "2016-07-11T13:28:15.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "elfreda.pollie@chewiemail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839eef-e688-44c2-8ce6-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:15.000Z",
"modified": "2016-07-11T13:28:15.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "ruzeedomeon@gmail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839eef-28ac-4259-804f-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:15.000Z",
"modified": "2016-07-11T13:28:15.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "agnasirahmedd@gmail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839eef-0ec4-4728-b446-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:15.000Z",
"modified": "2016-07-11T13:28:15.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "s.penn.254@gmail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ef0-e4f0-46e0-94d9-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:16.000Z",
"modified": "2016-07-11T13:28:16.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "j.holmberg@dr.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ef0-c0e0-4c95-afee-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:16.000Z",
"modified": "2016-07-11T13:28:16.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "shawanda.kirlin37@mail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ef0-7c88-4c81-b84f-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:16.000Z",
"modified": "2016-07-11T13:28:16.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "barry.smith2004@yandex.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ef0-58bc-424c-abca-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:16.000Z",
"modified": "2016-07-11T13:28:16.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "leo.link@email.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ef0-6b18-4afe-a302-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:16.000Z",
"modified": "2016-07-11T13:28:16.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "cjgr8hm@gmail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ef1-bf14-4468-ab8c-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:17.000Z",
"modified": "2016-07-11T13:28:17.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "idolbreaker@mail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ef1-4e14-46ac-931f-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:17.000Z",
"modified": "2016-07-11T13:28:17.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "paulbecker@cock.li"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ef1-4bbc-46f8-a200-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:17.000Z",
"modified": "2016-07-11T13:28:17.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "saira.samosa@gmail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ef1-07dc-4c81-b1f2-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:17.000Z",
"modified": "2016-07-11T13:28:17.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "owen@kehoe.org"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ef1-cce0-46e8-9a8b-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:17.000Z",
"modified": "2016-07-11T13:28:17.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "noshare1024@gmail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839ef2-b0cc-49f5-bf83-8b14950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:18.000Z",
"modified": "2016-07-11T13:28:18.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "SOA email",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "mishel_corp@mail.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839f1b-a1d8-41fb-a191-421d950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:59.000Z",
"modified": "2016-07-11T13:28:59.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "8yhi4xqycpzm@mail.ru"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839f1b-63fc-4c5b-ad71-4436950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:28:59.000Z",
"modified": "2016-07-11T13:28:59.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "v9sa2cml@instancemail.net"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839f1c-031c-4582-aa4c-4009950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:29:00.000Z",
"modified": "2016-07-11T13:29:00.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "contacts@up57893.in"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57839f1c-342c-436b-be17-42b2950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:29:00.000Z",
"modified": "2016-07-11T13:29:00.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\""
],
"x_misp_category": "Attribution",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "admin@wm-z.biz"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839f90-f914-4427-9b0b-c1f5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:30:56.000Z",
"modified": "2016-07-11T13:30:56.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.135.183.154']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:30:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839f90-7ad0-4667-99fc-c1f5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:30:56.000Z",
"modified": "2016-07-11T13:30:56.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.32.129.185']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:30:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839fcd-55c4-4920-9a6a-c1f3950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:31:57.000Z",
"modified": "2016-07-11T13:31:57.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'vice-news.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:31:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--57839fcd-083c-4bc9-85a2-c1f3950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:31:57.000Z",
"modified": "2016-07-11T13:31:57.000Z",
"first_observed": "2016-07-11T13:31:57Z",
"last_observed": "2016-07-11T13:31:57Z",
"number_observed": 1,
"object_refs": [
"domain-name--57839fcd-083c-4bc9-85a2-c1f3950d210f"
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--57839fcd-083c-4bc9-85a2-c1f3950d210f",
"value": "xtraorbit.com"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--57839fce-c338-440f-9ec6-c1f3950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:31:58.000Z",
"modified": "2016-07-11T13:31:58.000Z",
"first_observed": "2016-07-11T13:31:58Z",
"last_observed": "2016-07-11T13:31:58Z",
"number_observed": 1,
"object_refs": [
"domain-name--57839fce-c338-440f-9ec6-c1f3950d210f"
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--57839fce-c338-440f-9ec6-c1f3950d210f",
"value": "xo.earth.orderbox-dns.com"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839fce-4568-4c45-a556-c1f3950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:31:58.000Z",
"modified": "2016-07-11T13:31:58.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'eurosatory2014.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:31:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839fcf-e7d8-4f36-934a-c1f3950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:31:59.000Z",
"modified": "2016-07-11T13:31:59.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'webmail-saic.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:31:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839fcf-8704-44a1-8383-c1f3950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:31:59.000Z",
"modified": "2016-07-11T13:31:59.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'natoexhibitionff14.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:31:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839fd0-9d34-4d45-8d3b-c1f3950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:32:00.000Z",
"modified": "2016-07-11T13:32:00.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'tolonevvs.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:32:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--57839fd0-65c8-4304-a029-c1f3950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:32:00.000Z",
"modified": "2016-07-11T13:32:00.000Z",
"first_observed": "2016-07-11T13:32:00Z",
"last_observed": "2016-07-11T13:32:00Z",
"number_observed": 1,
"object_refs": [
"domain-name--57839fd0-65c8-4304-a029-c1f3950d210f"
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--57839fd0-65c8-4304-a029-c1f3950d210f",
"value": "carbon2u.com"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839fd0-85ec-4a92-8c4b-c1f3950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:32:00.000Z",
"modified": "2016-07-11T13:32:00.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'mail.hm.qov.hu']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:32:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839fd1-988c-42c1-9a57-c1f3950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:32:01.000Z",
"modified": "2016-07-11T13:32:01.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'log-in-osce.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:32:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57839fd1-f574-43ee-947a-c1f3950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:32:01.000Z",
"modified": "2016-07-11T13:32:01.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'academl.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:32:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--57839fd2-3ad0-4b53-aa5d-c1f3950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:32:02.000Z",
"modified": "2016-07-11T13:32:02.000Z",
"first_observed": "2016-07-11T13:32:02Z",
"last_observed": "2016-07-11T13:32:02Z",
"number_observed": 1,
"object_refs": [
"domain-name--57839fd2-3ad0-4b53-aa5d-c1f3950d210f"
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\""
]
},
{
"type": "domain-name",
"spec_version": "2.1",
"id": "domain-name--57839fd2-3ad0-4b53-aa5d-c1f3950d210f",
"value": "trademarkarea.com"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}