misp-circl-feed/feeds/circl/stix-2.1/5788c19e-ee40-43b8-9160-47da950d210f.json

{
    "type": "bundle",
    "id": "bundle--5788c19e-ee40-43b8-9160-47da950d210f",
    "objects": [
        {
            "type": "identity",
            "spec_version": "2.1",
            "id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-15T10:58:13.000Z",
            "modified": "2016-07-15T10:58:13.000Z",
            "name": "CIRCL",
            "identity_class": "organization"
        },
        {
            "type": "report",
            "spec_version": "2.1",
            "id": "report--5788c19e-ee40-43b8-9160-47da950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-15T10:58:13.000Z",
            "modified": "2016-07-15T10:58:13.000Z",
            "name": "Malspam 2016-07-15 .zip/.jse",
            "published": "2016-07-15T11:05:42Z",
            "object_refs": [
                "indicator--5788c1b7-d1a8-4830-bf05-4d18950d210f",
                "indicator--5788c1b8-68f4-4ac5-8cf4-4979950d210f",
                "indicator--5788c1b8-2bb4-435c-ae16-45bf950d210f",
                "indicator--5788c1b9-ad88-4892-b0f1-45d4950d210f",
                "x-misp-attribute--5788c1c5-71bc-4849-aba3-4add950d210f",
                "indicator--5788c23a-0a5c-4760-9ca2-43e7950d210f",
                "indicator--5788c23b-b280-46cc-b101-41c1950d210f",
                "indicator--5788c23c-9240-48c2-96f4-4abf950d210f",
                "indicator--5788c253-ed00-4cb9-b8ee-4121950d210f",
                "indicator--5788c254-42d0-4fe5-a3b8-457d950d210f",
                "indicator--5788c255-fde0-49c7-a70f-40c0950d210f"
            ],
            "labels": [
                "Threat-Report",
                "misp:tool=\"MISP-STIX-Converter\"",
                "circl:incident-classification=\"malware\""
            ],
            "object_marking_refs": [
                "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--5788c1b7-d1a8-4830-bf05-4d18950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-15T10:57:59.000Z",
            "modified": "2016-07-15T10:57:59.000Z",
            "description": "download location",
            "pattern": "[url:value = 'http://cosdoshhp.top/log.php?f=2.gif']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-07-15T10:57:59Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Network activity"
                }
            ],
            "labels": [
                "misp:type=\"url\"",
                "misp:category=\"Network activity\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--5788c1b8-68f4-4ac5-8cf4-4979950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-15T10:58:00.000Z",
            "modified": "2016-07-15T10:58:00.000Z",
            "description": "download location",
            "pattern": "[file:name = 'cosdoshhp.top']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-07-15T10:58:00Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"filename\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--5788c1b8-2bb4-435c-ae16-45bf950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-15T10:58:00.000Z",
            "modified": "2016-07-15T10:58:00.000Z",
            "description": "download location",
            "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.170.117.124']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-07-15T10:58:00Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Network activity"
                }
            ],
            "labels": [
                "misp:type=\"ip-dst\"",
                "misp:category=\"Network activity\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--5788c1b9-ad88-4892-b0f1-45d4950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-15T10:58:01.000Z",
            "modified": "2016-07-15T10:58:01.000Z",
            "description": "download location",
            "pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.238.213.26']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-07-15T10:58:01Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Network activity"
                }
            ],
            "labels": [
                "misp:type=\"ip-dst\"",
                "misp:category=\"Network activity\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "x-misp-attribute",
            "spec_version": "2.1",
            "id": "x-misp-attribute--5788c1c5-71bc-4849-aba3-4add950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-15T10:58:13.000Z",
            "modified": "2016-07-15T10:58:13.000Z",
            "labels": [
                "misp:type=\"user-agent\"",
                "misp:category=\"Network activity\""
            ],
            "x_misp_category": "Network activity",
            "x_misp_type": "user-agent",
            "x_misp_value": "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.3; Trident/7.0; .NET4.0E; .NET4.0C)"
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--5788c23a-0a5c-4760-9ca2-43e7950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-15T11:00:10.000Z",
            "modified": "2016-07-15T11:00:10.000Z",
            "description": ".jse example",
            "pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAAVY70iaZwo/ayQAAB5hAAAgABwAMTU2Y2Q4M2I2YWM2MDg4ZWI4ZjFjOWVmOWE1YjI2MDNVVAkAAzrCiFc6wohXdXgLAAEEIQAAAAQhAAAAdVAca0cr+ZFIdepWVXglm7bC+4VjhaabGGcfGsK3/onGVNgGApvzlicUV67Q5YjxExeXDNScOFEy4xHl/HI5TpqX2WgSY3R6x3GDeHM2Yax7Voe3Dx9b8HnbvssDkdMGikSqNVZ4r3X8rrZKh4brnidUrooBH9LPjlYXzhHXf/JwWriQM+bjzrX96tYZjheUaRVwPbVq1HjPoCAQE7WuMI0XCCIEB0ZthNY/o02ISQ/UykBVDva2wyRIZN9zJK95K+Cow9P2XKZjlTDFm1j92jxPM8wVls789c8SLpLuU+AIc9VP+wulmlUKKDwsjF4wJBYsp8XRLItaiQ51gDakiLSnF1O85Uic/T0pFZd5acTeh9J1pWEMO85Z9ZnU3fkd29oKga6j0Z1Am+0SF6M1fhYReF6eD7Kdo6o3j27+h67GCDrTJ/OF1s7XslmIvQH9/lyw4UDdLufLdqgPssvaBx0xrys/YcTjilpMxwNrWEMPNmLemkBDpX8tFDW5CmSbSG4JRdCVdhtW5O4W2LzKJ80st38D8c2RcNnH4cQWETJ+x/VJpq+BBYhJukYbTuxgXCZChJknIq+cnggzA0kvSFd9e7eZvBLElQvJTc3UqVBLJ5LOEYCGlMvrLeQ+EK19hGeqdytpwttCYInKtRrWC5Qiub7bpqxF6DS4eeGhdN+uhqoRBJ8PKx0suZGDxRRjX+gKJjZCNlvOq5V6kHEpyNJ3KKmJXAsd8Djb/r+KaT7O0yiZH/OEzv/Kn+Fjvo1h/1dgy1NmD2vCU0CU8KIHCM/LM62wvWtdVSKs27/1rdxcDEaq1XZGfeaDrUBGQAK6QieZGtY9BTg/4WGerXGgmQouyfHmzw2uhtEH8KTx2Yv2ZAwErg8jsBjWLxjDacPLdd0lUnRooRhr4ica/XbUA403eF5/Q1OUs3I+qF7lMWacSg3kw1AADEgk9NTRDk6MYIOknFBpevBq9DrmayTbHPn0PK2kUPcfY4S/hevQ/M7t97GoALvZLq+/zaJ8rKe4igbCcyaq1Z0ZzmToI8yweQdxDSn7yUGR+HGn8j49/UuoMUcCw/zGCxWBHjYuSXy8SdDtzGdInLX4RTlaEgEIcbeQLAc++X5q2zJRZ1g7qvoGNA0/uVHCSfOx/tC2uKS5jQc+JHHvIsfg85Axaz8ReEP+wSRN/4Rq4lZ3S5DEGw5tDkYd6RNx/g80IJ1+BwyF7qqePNeEg59Fw4cbGzvxLuRZaTYqukYt40sdqOhbk+Y0q8Q1FgMwieKPp7+qLPJiKM1SFEQV/KFn5ecaAMYqRRUCxHcD5XDhk557LkX/w8xJiC0CR/wemKNKxhSBaFcrFVf2JT0x/mVggc0DOJ1bn+DKvXo3cyZ4pdRYTQM289skD/M9zivpzezgtN8EdHV8nkX42p+7cDu3vyqKVozX4fn/BeMlxl1/LOBF6nvf+57XXqPK63TmRZ8yIMwLxN5TCOhSy69yqNwxjHtMgXAG24DVB1TZUiWdBAz4zi3RM1Q7cHfxr4/+Jj32v3R0DXTevbBk8gbLZ3VrVaZEkrQ4MoXCFvWzSOnAhpY6F9Eayx/dprfvKn594bQ+6GW++qtOhYVeUra47a/mfJtoLH3nV7DVdGPi3dickxn4nUkUs5BMIoDjgvGHcIjbkgbixLJFh+vkkgRq88i5xfOLDAT/sKaRL9p48CNUZe3OySAvhihTP0AYH5lrl1Z8i99yFAiRGNFbpNsAjjhSKZJpdJFf4l+pwJ4bCuF2eVl+woCMKj1OlRr6PxrNuJ6A5zfdVhhIWCk4CLvw6WSWZmC8J1vDTF+zc4/6f/ah2P19IFRXOhPh1QagqcC60FZWTlQjDRCS5UIQ/P0JV4XJEQfKXSB5L0fDn7HjIJE9NjQA/mNMDoub7exDHw7NfNOPp6u7+ks/mzfZUcuCFVqpqu6dgIE+H268wZForRxmN0B+kFK06PINejDspsTNClCJ0xrb36PsfJxAoUa7B1RhBRdi+EsmqMWBBklYG0GTJYnGJ5wOd9dYiwe/cm/1aOx4vWlYequ0yG0HweuYW+6iQPIdlCtl3UAoPdzomhFdK/HREApWIJ3oRkj9P8ZNlemHkDLB8Uj5EEs/jdWmJ4hsmSLUhbJZJ/uZDsnERp217epIC5Rp0JiZ7WWvAMnVGrOAijhr3fCDmalbw4ycyRDuEg8tWbNV7/0tSvEsy1ioDr3J4d6dkXfOSzWLPdirJHO+7aSq5y7dxts9YO3WF/pxBO+O9SYgSfn4ZBcFKe0tE8CYfNmm2FNLPTxzPGj+q3oa9W3dGb/O/LR6PnOvTM2invwaZAf4jRdRjp7yCtGrnnFDr/A5ekNIRgnSBhB7KTXYEkH9MDkWOacR7pLBg7kG9/93rP/c6M5kuzsNzgsWeAo1o+goRMWb9Bbo43ty/RSCkUpdeorOMIpS7BvITvnyda38aAhQFjF7hwWq4PAzOB/r8wSOST/r/HawsYR4of1gQx9LDjQyJ9vmC9zUPFqJntFgLHpvHEwbL94Ld2fIuedhNe/IIjP05UagvhGkFxlhOeUpEziKo+1sRg/9Irxkj5XidLXlL+bmpRaWM51FCounv1Zk4xEbyO7DqvNmmhEyBrp7LUs0R9dKgs1b8s3olto/dGef/S9w4X08OrGa6kIfxMDHi3xLbL3X0g3FMY5+DwW5TYAhbkGrADBZGkfnmo6M8u6ksbdGuYt4gQySyQ9gWx9wFi6srCPHrjDBq2q3nz7BoBms1JbWS7es/cZs3b79lTL6SNkll7f2nQI4wdHXw1j5uMKti/ZC4IRDOZwCVTCiglWEfA01DTtOOIq8I/XjtbCjiXCOi7tvWYkS2RxxjVDf1A6LRZd97B6+OWBTPBaU9Wjt1uXsz+b1MyvMBN/TLUco8bJHUO+IyTaOE+/2H3id93iTwBR5rqUxqSaZKAGaHIQMa+9Mm1aw1OuBwM5LtkfK5scKiC5Xf1DWtV0qMQ4vumjvsywJGEH0AtbbPDAxSGwIMIyUDFABkoMUNMu7hf+d+TaGyasnUJLUeb7pV4PKYhonzFUqpPkIHFkHCWQ3/is1dnLZ3dRABUR3hQ8NcTU4cetNbfHnxfxL5QgGCRj9mIZOrAjo/zIk07U2BtC9SJe+sSOU6mCD71Kq+lS6A+8fdoU56zmgH1x3pWrKtPNk/A2J88Zx5O8FCfMbuGom7tzKU5T/TTO3Gswuq8Ss0nEUo1Fh8xEkAn2/OqApY0usKImykmMX5igP6OGmJPcWJpinfEblCBLRdL0ca48wFjUKE7zat7VZ8Qjzi8n2pNcZmqeXAj50aeso/JknUn+t/FVpWIsZvKzIO+7bgDSzAfuKBUozss5CH8PYBlOWlvbgbuxp9UiXmb99AbEsRjszrehnoy7pJVpUJPs9FZsuWXjxycCSE06MVH0RIinxLC7igmyObffemSohScg/6zWRRXZHgIKTulA5Ka8pj4z0zOmba8ck8o45ds5oMcG5wY5oUhwR3WDr/yAOAARSXNTmcBbcSoEx2hyAIhGWDF9EBOOvpBjKMdUCEv5EZkoPJmt6BTiuVtuM268wcR/9KtkwmHq1VlMN+jbr3vUvClmrigeMJ6R7jm2NWyk+QPQqoXu+BvNtnLoPev1ZqT88AQBRiSWY0FWZDrznDFgVswmnRKXGElek28KtsY3rzDf7E+3ZaW2QlYUrfR9uUcqTjr+q5UIGGbXvHLoZ5SKyDuSuep3QPu6MP/gsgkRJpN2C9YfQLmlydg+0qHEDauZABGUTa//o/Wl7YE4NdI74yF5M/QDcmlTEME7n+Z2U4sfOHVsIZ8LkRlfQqIrCYAbXtofRkYp+02tFkVHribqZZtU43asdZuLQEgN9arm5+sLF3YIeamaFpoZOo/r8QmqAv+NcNPX40u4bZYEb/9BFKs
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-07-15T11:00:10Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"malware-sample\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--5788c23b-b280-46cc-b101-41c1950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-15T11:00:11.000Z",
            "modified": "2016-07-15T11:00:11.000Z",
            "description": ".jse example",
            "pattern": "[file:name = '7.jse' AND file:hashes.SHA1 = 'cfd4c8391bf4c91c79d46b644df1c066b99ef65c']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-07-15T11:00:11Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"filename|sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--5788c23c-9240-48c2-96f4-4abf950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-15T11:00:12.000Z",
            "modified": "2016-07-15T11:00:12.000Z",
            "description": ".jse example",
            "pattern": "[file:name = '7.jse' AND file:hashes.SHA256 = 'ba4963275463eaf55938e110e3665d512bebdb1250610b15e577f25069a04283']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-07-15T11:00:12Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"filename|sha256\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--5788c253-ed00-4cb9-b8ee-4121950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-15T11:00:35.000Z",
            "modified": "2016-07-15T11:00:35.000Z",
            "description": "downloaded malware",
            "pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIABJY70i/cbJQ3jcCAPWwAwAgABwANzAxNjA1ZTIyNGQyNDU1YmQzMGEyYTM3M2EyOWJlYThVVAkAA1PCiFdTwohXdXgLAAEEIQAAAAQhAAAAEbXMmdKxTapV5FgwI5TFGt81h/YpsSZHDyzlPfJXItdSPhP/Vzs1f0GGlW/JZJ+jtDKsWqhWTDZP4feUdohIhb5UxX87iuwQXscRQ3GkcrphKGzxtm6RfUByIx9ORH32w3LqD1M9Ik/EWsc4yXCUZePNt/2xRQZxSHXIx+xvgeaUvNqxzTS4rEmONcBjr0k0MSMFwJ7VYbSneyQxpzi8jYyHq7ruoqMY80pElz8WcMfd06MFfNQ7Wkm+qcqd3aaqNCTcBZesNa6jPSXThHv6uGHZXel9ZJXxpd1joPrs+xuwF/nKaeaWSzKBtg7ilqxKKaAHDkTmJfrDZoG4EaHKgbWQvit3YfY8O6Snp3SEU6o4oLICwkWy6oR0ycEj+n465pO79p7yIAzF1M2kPMg93hqLnqt57QuGobKK/WXcQk/vV0YMBUXDnCMCa+b9kBs3BnbkRRllzJfI9n7VXO41/HFYq9x2FSjegWkuV5TdiqVbirpHT2AQ0/pO9S/V66d+x7jbwj/g6GlmH23WQO6bXG41Za2c5rfZmavKttXM0QwLSvUOKZYNgC0jfWZJ0riYmrTlhx4uPLdFl9r707B6rvqsXbPqq09sVy0HZlWDuT0sQwO+KNEaIXC9dIikq0/NRf/XFGZmF+L8UYmmMed31BnCyrbwaC+kyt5XbnIs5UebXAvweuF5dlZ3452MAdOu6IoZvSkHEU4iL+BIYOkZiAe+pmlron3fCjA9cregA2NMv6lPPPQujGf8OavQHxBHw7P8Ih44e7VPwaMWjopIWEx0fPvvmVHkZwga5rnJn4IbOpt1a2/fPDdY1VHQdjNDJ/+ttKZA7gwTWeYX2jxnev7RDrq07w45An858FnGypqMa/oFFiCzR1drvdUDk71oES3K/cP+lf6AY7ZNUnPcn7WjzKDpgY7zJ13UQZ/sLNPGsdrZCdIxyUDSyPeESgJrv51sfPzyusnUiEJkYyCK1HF/PocofGojpeAvGOjjJKpu4XpMfL8aLouejNecZTFpUIP4BxB2+fgZ8cGpy9miVdzsgnG29wPNYwgn/hKgTwX4J5BHAYb0R+RGpRxTQxw/J29ZgnP8xBsxSinB+o6JyB+NsmRlk+J6RqtynGOEifYTke97Hzx7yZLhRGA4zTPqr0ya/9Wyri1lTfATfd4A2H+9u0+AJD9hUnzUc238zmQBpfB92j7IFkXNYNuD2tKcXB8ifH4Q67TPPDlOKVXu3TBXYHanUbxoZYswlXD8ZDbYl792eEkkBVzhnP7uUiCLOsjMUec9EmH68V7gDlAZeVpL3SiekX6iTLC8FdAaqLaWbdmrU/hK4L1rGBM14kEP8bWhpCFGwTCV8gyxsa3ZwEz+0lB6+vyLu0w4xUGQSGwWjKnwsHDBNlLvWGGiGNXmNwiQjR72Ru5TST1RNYceS+tbJE9bo+3LmfV7jKp9ISqaWXlSqCji6aa4rDwX4DY8Ou1yl7qAl5msEd96PlD85V0Ymc676XAztJG9XXqHQlPwog2LHFa7n1yHXGY7OPn5dkgytDLCRtiktfPlkJgga7B2wr5007oO4s0oCdV2SgaKVZ8s2w6YQuWW1KeC56Z+rm5anRSsb1dpqX10Zq1BY5BHCOuBv6z1Mv2UiVFFbQ4oxt8b/2p3qLZ6k3PM1xuebNwIsOCfjT5W+BYJVcKh8KgyA3J2IQjJo0sVqNlQG9VJIyNmLHEH7rh5rWrd/LV27W/duu9aogiFouAuaX5iBtSYl8YypDGeh0ZxSnKLKe76sLhAujl+KwfOYuUd3p5QHttbbTiOrgjHyprpM2Bbxlg/tuEs7w7hDI11gHmhSmV1w5WSDHwKpL9YLk5jBhU7a7dpEUFpenRO+RQaLtaqlsDxxiw0FW+aZd0U/agx5gDy07rfDQbtAUfQvNPZiYyID5l+ckNyhXPYN150z4ajuDrOH1CWMkpvOBGD/+Gl9ZbsdlzkYyNEJY+ujsWdqoL1REds9di9tGLDdBZTGCVX0AS04xp++jImHXJMNp5Jqty6CkSm94rrSDP7XfdPBm4X7n1TqaQ3fp2WlnfNYNI4EIEYnQsjAmkyYi4dYWKmJzr79w3gzVqby+G9XrO4S2siVPptRV9PzEei4fO5fsfB2tNPQWzX6gorFdHvsOYNqrbvs0dExyTvR6pMEr9n+0GIhZyvmC8WjtiYZc4W+ZTA66kFu987pgixybwhCP7x5mNONSbqaL3DqA/cZPjxq5By3hR05j3O8kR03qQ+zghwgsqyJlbNJxy8ETWhO+JJir3xyPLb8s+wuMMkhz/apH6v8RZa2nRktyRIlDq6q3Djc6bD8lZQHynyghpmjssd/5zdMHsEKQe5pCY3bz8QNozvNg/udYVBXgxWJVi26WPBomBC5SeicJ3QI1ELneLnuAQpdYMtSeR5DX0mFcaebTJwAMzsg0w8MtRyYQg7xJsoysIUpB00LLsgdqQu3iV1YRWWzT4KimI214dRVDZBZIYSSkx5/5cpb7Ia29K2OLGtURhu/ab5LAEsawaJQUXBFIHLkthywJxz27cuJltv3udpSqUaD9zGIYjTyRdn1LT4+zXyqgrqJ7o5UGLN9Uhh8QzCEHWZHJypxtTrdDjuR0p2RbC8KXwW0HQQD+rUXXQhP92P8o8AGnIsGVsDSjW2uu3JkzXh7pcx7eFYYtDxaKXexxJXI++Qm9rUtkB14O5X/Sh5cAlUGOEnxd9N/mwHhNYlVX1EhGSOEIualieskj0T13IC41WRk1JeYIuXZqWYjWLT5bOW39shWub+oppXANc34BMKYLSrhSNhtQdpeR15XWfJcFhA5r/ktc74lEwjM1uNguhB7zvNx4Arw6rpYDw4uMhBE6d8GNvNnPwRlmdg7BGF1F72/GZa/zdi7uTm5uYlD1ru0mGmwK/+thHSIbUf1dPPwvAKd2gsqABRSQrBYWEY1gGsVt4EWqkOtrNoujrDhXbm+lCvs6dV6xNQciRtEznHoU8uVdZapQgbGj7bAzvq74g3uxXuS+ESYmzq2r8Lw5/0HJD0naeInZOmBu9+qiFaKUg2IFhetNNrs0eft/vAhHvQjnWp4hq5iwkvxTX6V4Uz8t2+ifOZ+XZfXkUl7Y+QjSBq18Mm82uqtwT0Jp1PXNTtBKfTc1uB9Rxh1F56FRnlKpfuSp4ENd6aZtYI8CQ7hkVRvAjiqc2B7jELqfH8yd9Y/mx+c4liACZuiZRdPPqq9JATzB6F4VkakyyyMFaOeiP00UxFtBvVI4tOF5e0bsVlXlcmzXkPev6GHJ9AwsDzAaTIE+ST1OwXvR7xGSqMU76OVuUZeDjuDyz0SyOCaXacjD1Eowbm3Z8jdoUXpu/zLqRVBCq4vr1Hi/C/Dvm/d4NnN4RKTOq7GP2lyoy/o1bBmEHaSLTjK7RJH89Z+8hJr3Fx9MSwOGR5N50ySa5Ydtom77kUWp/qS2gh2wB/PR2t1EuwhXiVdy4FUjUX6Zk8FoFeF3gIrkB1D0tfn5Q7lo2KY1qwfUu+BqWmJccb5K3flCmGuiWOvyHC4E4B342d1oV5EztZ/HB6AqOT1lyZjLeZT5hbttt6c+d0FmbJw94bhNCiFnWjL8q93KqMuxvesvIcvklBO2OHpxtQV5dw6rkE44bOpOe51Hr/0UjsgoRLq6rRuxs6gn+eq5UrGtCjF7uujHZ3qyUVLYBcHwG4JN9C4AMxCZt4jP7o3uuj8HKYLW/WV6uUrq3xoyi6LaFGEX+y3DpJKqI/TxLThv4Bt+ucdPjH5lPaY77fPLQmOFA6z1TR0FiG6qi4dkNUzESM4bXFfWkEocmLel0zW7tG/HyuEK+Ho/Su45lyiyDDplgVF03ipexoUi0QznS7TxDrDQYhyS2kyxlbZo+Z/1oeRDTVUodAT3PCMB7WCMQ+ReDcn5hY23
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-07-15T11:00:35Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"malware-sample\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--5788c254-42d0-4fe5-a3b8-457d950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-15T11:00:36.000Z",
            "modified": "2016-07-15T11:00:36.000Z",
            "description": "downloaded malware",
            "pattern": "[file:name = 'b1' AND file:hashes.SHA1 = '4d2fc5119c15c7fd88c22224b937fdfcf160c280']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-07-15T11:00:36Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"filename|sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--5788c255-fde0-49c7-a70f-40c0950d210f",
            "created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
            "created": "2016-07-15T11:00:37.000Z",
            "modified": "2016-07-15T11:00:37.000Z",
            "description": "downloaded malware",
            "pattern": "[file:name = 'b1' AND file:hashes.SHA256 = '33e7e1ae86855d57ba51657c122c74a34afa85b8267815462a66ceed965a2297']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-07-15T11:00:37Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"filename|sha256\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "marking-definition",
            "spec_version": "2.1",
            "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
            "created": "2017-01-20T00:00:00.000Z",
            "definition_type": "tlp",
            "name": "TLP:WHITE",
            "definition": {
                "tlp": "white"
            }
        }
    ]
}
chg: [misp-stix] STIX 2.1 export added 2023-04-21 14:44:17 +00:00			`{`
			`"type": "bundle",`
			`"id": "bundle--5788c19e-ee40-43b8-9160-47da950d210f",`
			`"objects": [`
			`{`
			`"type": "identity",`
			`"spec_version": "2.1",`
			`"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-15T10:58:13.000Z",`
			`"modified": "2016-07-15T10:58:13.000Z",`
			`"name": "CIRCL",`
			`"identity_class": "organization"`
			`},`
			`{`
			`"type": "report",`
			`"spec_version": "2.1",`
			`"id": "report--5788c19e-ee40-43b8-9160-47da950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-15T10:58:13.000Z",`
			`"modified": "2016-07-15T10:58:13.000Z",`
			`"name": "Malspam 2016-07-15 .zip/.jse",`
			`"published": "2016-07-15T11:05:42Z",`
			`"object_refs": [`
			`"indicator--5788c1b7-d1a8-4830-bf05-4d18950d210f",`
			`"indicator--5788c1b8-68f4-4ac5-8cf4-4979950d210f",`
			`"indicator--5788c1b8-2bb4-435c-ae16-45bf950d210f",`
			`"indicator--5788c1b9-ad88-4892-b0f1-45d4950d210f",`
			`"x-misp-attribute--5788c1c5-71bc-4849-aba3-4add950d210f",`
			`"indicator--5788c23a-0a5c-4760-9ca2-43e7950d210f",`
			`"indicator--5788c23b-b280-46cc-b101-41c1950d210f",`
			`"indicator--5788c23c-9240-48c2-96f4-4abf950d210f",`
			`"indicator--5788c253-ed00-4cb9-b8ee-4121950d210f",`
			`"indicator--5788c254-42d0-4fe5-a3b8-457d950d210f",`
			`"indicator--5788c255-fde0-49c7-a70f-40c0950d210f"`
			`],`
			`"labels": [`
			`"Threat-Report",`
			`"misp:tool=\"MISP-STIX-Converter\"",`
			`"circl:incident-classification=\"malware\""`
			`],`
			`"object_marking_refs": [`
			`"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--5788c1b7-d1a8-4830-bf05-4d18950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-15T10:57:59.000Z",`
			`"modified": "2016-07-15T10:57:59.000Z",`
			`"description": "download location",`
			`"pattern": "[url:value = 'http://cosdoshhp.top/log.php?f=2.gif']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-07-15T10:57:59Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Network activity"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"url\"",`
			`"misp:category=\"Network activity\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--5788c1b8-68f4-4ac5-8cf4-4979950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-15T10:58:00.000Z",`
			`"modified": "2016-07-15T10:58:00.000Z",`
			`"description": "download location",`
			`"pattern": "[file:name = 'cosdoshhp.top']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-07-15T10:58:00Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload delivery"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"filename\"",`
			`"misp:category=\"Payload delivery\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--5788c1b8-2bb4-435c-ae16-45bf950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-15T10:58:00.000Z",`
			`"modified": "2016-07-15T10:58:00.000Z",`
			`"description": "download location",`
			`"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.170.117.124']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-07-15T10:58:00Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Network activity"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"ip-dst\"",`
			`"misp:category=\"Network activity\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--5788c1b9-ad88-4892-b0f1-45d4950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-15T10:58:01.000Z",`
			`"modified": "2016-07-15T10:58:01.000Z",`
			`"description": "download location",`
			`"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.238.213.26']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-07-15T10:58:01Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Network activity"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"ip-dst\"",`
			`"misp:category=\"Network activity\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "x-misp-attribute",`
			`"spec_version": "2.1",`
			`"id": "x-misp-attribute--5788c1c5-71bc-4849-aba3-4add950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-15T10:58:13.000Z",`
			`"modified": "2016-07-15T10:58:13.000Z",`
			`"labels": [`
			`"misp:type=\"user-agent\"",`
			`"misp:category=\"Network activity\""`
			`],`
			`"x_misp_category": "Network activity",`
			`"x_misp_type": "user-agent",`
			`"x_misp_value": "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.3; Trident/7.0; .NET4.0E; .NET4.0C)"`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--5788c23a-0a5c-4760-9ca2-43e7950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-15T11:00:10.000Z",`
			`"modified": "2016-07-15T11:00:10.000Z",`
			`"description": ".jse example",`
			"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAAVY70iaZwo/ayQAAB5hAAAgABwAMTU2Y2Q4M2I2YWM2MDg4ZWI4ZjFjOWVmOWE1YjI2MDNVVAkAAzrCiFc6wohXdXgLAAEEIQAAAAQhAAAAdVAca0cr+ZFIdepWVXglm7bC+4VjhaabGGcfGsK3/onGVNgGApvzlicUV67Q5YjxExeXDNScOFEy4xHl/HI5TpqX2WgSY3R6x3GDeHM2Yax7Voe3Dx9b8HnbvssDkdMGikSqNVZ4r3X8rrZKh4brnidUrooBH9LPjlYXzhHXf/JwWriQM+bjzrX96tYZjheUaRVwPbVq1HjPoCAQE7WuMI0XCCIEB0ZthNY/o02ISQ/UykBVDva2wyRIZN9zJK95K+Cow9P2XKZjlTDFm1j92jxPM8wVls789c8SLpLuU+AIc9VP+wulmlUKKDwsjF4wJBYsp8XRLItaiQ51gDakiLSnF1O85Uic/T0pFZd5acTeh9J1pWEMO85Z9ZnU3fkd29oKga6j0Z1Am+0SF6M1fhYReF6eD7Kdo6o3j27+h67GCDrTJ/OF1s7XslmIvQH9/lyw4UDdLufLdqgPssvaBx0xrys/YcTjilpMxwNrWEMPNmLemkBDpX8tFDW5CmSbSG4JRdCVdhtW5O4W2LzKJ80st38D8c2RcNnH4cQWETJ+x/VJpq+BBYhJukYbTuxgXCZChJknIq+cnggzA0kvSFd9e7eZvBLElQvJTc3UqVBLJ5LOEYCGlMvrLeQ+EK19hGeqdytpwttCYInKtRrWC5Qiub7bpqxF6DS4eeGhdN+uhqoRBJ8PKx0suZGDxRRjX+gKJjZCNlvOq5V6kHEpyNJ3KKmJXAsd8Djb/r+KaT7O0yiZH/OEzv/Kn+Fjvo1h/1dgy1NmD2vCU0CU8KIHCM/LM62wvWtdVSKs27/1rdxcDEaq1XZGfeaDrUBGQAK6QieZGtY9BTg/4WGerXGgmQouyfHmzw2uhtEH8KTx2Yv2ZAwErg8jsBjWLxjDacPLdd0lUnRooRhr4ica/XbUA403eF5/Q1OUs3I+qF7lMWacSg3kw1AADEgk9NTRDk6MYIOknFBpevBq9DrmayTbHPn0PK2kUPcfY4S/hevQ/M7t97GoALvZLq+/zaJ8rKe4igbCcyaq1Z0ZzmToI8yweQdxDSn7yUGR+HGn8j49/UuoMUcCw/zGCxWBHjYuSXy8SdDtzGdInLX4RTlaEgEIcbeQLAc++X5q2zJRZ1g7qvoGNA0/uVHCSfOx/tC2uKS5jQc+JHHvIsfg85Axaz8ReEP+wSRN/4Rq4lZ3S5DEGw5tDkYd6RNx/g80IJ1+BwyF7qqePNeEg59Fw4cbGzvxLuRZaTYqukYt40sdqOhbk+Y0q8Q1FgMwieKPp7+qLPJiKM1SFEQV/KFn5ecaAMYqRRUCxHcD5XDhk557LkX/w8xJiC0CR/wemKNKxhSBaFcrFVf2JT0x/mVggc0DOJ1bn+DKvXo3cyZ4pdRYTQM289skD/M9zivpzezgtN8EdHV8nkX42p+7cDu3vyqKVozX4fn/BeMlxl1/LOBF6nvf+57XXqPK63TmRZ8yIMwLxN5TCOhSy69yqNwxjHtMgXAG24DVB1TZUiWdBAz4zi3RM1Q7cHfxr4/+Jj32v3R0DXTevbBk8gbLZ3VrVaZEkrQ4MoXCFvWzSOnAhpY6F9Eayx/dprfvKn594bQ+6GW++qtOhYVeUra47a/mfJtoLH3nV7DVdGPi3dickxn4nUkUs5BMIoDjgvGHcIjbkgbixLJFh+vkkgRq88i5xfOLDAT/sKaRL9p48CNUZe3OySAvhihTP0AYH5lrl1Z8i99yFAiRGNFbpNsAjjhSKZJpdJFf4l+pwJ4bCuF2eVl+woCMKj1OlRr6PxrNuJ6A5zfdVhhIWCk4CLvw6WSWZmC8J1vDTF+zc4/6f/ah2P19IFRXOhPh1QagqcC60FZWTlQjDRCS5UIQ/P0JV4XJEQfKXSB5L0fDn7HjIJE9NjQA/mNMDoub7exDHw7NfNOPp6u7+ks/mzfZUcuCFVqpqu6dgIE+H268wZForRxmN0B+kFK06PINejDspsTNClCJ0xrb36PsfJxAoUa7B1RhBRdi+EsmqMWBBklYG0GTJYnGJ5wOd9dYiwe/cm/1aOx4vWlYequ0yG0HweuYW+6iQPIdlCtl3UAoPdzomhFdK/HREApWIJ3oRkj9P8ZNlemHkDLB8Uj5EEs/jdWmJ4hsmSLUhbJZJ/uZDsnERp217epIC5Rp0JiZ7WWvAMnVGrOAijhr3fCDmalbw4ycyRDuEg8tWbNV7/0tSvEsy1ioDr3J4d6dkXfOSzWLPdirJHO+7aSq5y7dxts9YO3WF/pxBO+O9SYgSfn4ZBcFKe0tE8CYfNmm2FNLPTxzPGj+q3oa9W3dGb/O/LR6PnOvTM2invwaZAf4jRdRjp7yCtGrnnFDr/A5ekNIRgnSBhB7KTXYEkH9MDkWOacR7pLBg7kG9/93rP/c6M5kuzsNzgsWeAo1o+goRMWb9Bbo43ty/RSCkUpdeorOMIpS7BvITvnyda38aAhQFjF7hwWq4PAzOB/r8wSOST/r/HawsYR4of1gQx9LDjQyJ9vmC9zUPFqJntFgLHpvHEwbL94Ld2fIuedhNe/IIjP05UagvhGkFxlhOeUpEziKo+1sRg/9Irxkj5XidLXlL+bmpRaWM51FCounv1Zk4xEbyO7DqvNmmhEyBrp7LUs0R9dKgs1b8s3olto/dGef/S9w4X08OrGa6kIfxMDHi3xLbL3X0g3FMY5+DwW5TYAhbkGrADBZGkfnmo6M8u6ksbdGuYt4gQySyQ9gWx9wFi6srCPHrjDBq2q3nz7BoBms1JbWS7es/cZs3b79lTL6SNkll7f2nQI4wdHXw1j5uMKti/ZC4IRDOZwCVTCiglWEfA01DTtOOIq8I/XjtbCjiXCOi7tvWYkS2RxxjVDf1A6LRZd97B6+OWBTPBaU9Wjt1uXsz+b1MyvMBN/TLUco8bJHUO+IyTaOE+/2H3id93iTwBR5rqUxqSaZKAGaHIQMa+9Mm1aw1OuBwM5LtkfK5scKiC5Xf1DWtV0qMQ4vumjvsywJGEH0AtbbPDAxSGwIMIyUDFABkoMUNMu7hf+d+TaGyasnUJLUeb7pV4PKYhonzFUqpPkIHFkHCWQ3/is1dnLZ3dRABUR3hQ8NcTU4cetNbfHnxfxL5QgGCRj9mIZOrAjo/zIk07U2BtC9SJe+sSOU6mCD71Kq+lS6A+8fdoU56zmgH1x3pWrKtPNk/A2J88Zx5O8FCfMbuGom7tzKU5T/TTO3Gswuq8Ss0nEUo1Fh8xEkAn2/OqApY0usKImykmMX5igP6OGmJPcWJpinfEblCBLRdL0ca48wFjUKE7zat7VZ8Qjzi8n2pNcZmqeXAj50aeso/JknUn+t/FVpWIsZvKzIO+7bgDSzAfuKBUozss5CH8PYBlOWlvbgbuxp9UiXmb99AbEsRjszrehnoy7pJVpUJPs9FZsuWXjxycCSE06MVH0RIinxLC7igmyObffemSohScg/6zWRRXZHgIKTulA5Ka8pj4z0zOmba8ck8o45ds5oMcG5wY5oUhwR3WDr/yAOAARSXNTmcBbcSoEx2hyAIhGWDF9EBOOvpBjKMdUCEv5EZkoPJmt6BTiuVtuM268wcR/9KtkwmHq1VlMN+jbr3vUvClmrigeMJ6R7jm2NWyk+QPQqoXu+BvNtnLoPev1ZqT88AQBRiSWY0FWZDrznDFgVswmnRKXGElek28KtsY3rzDf7E+3ZaW2QlYUrfR9uUcqTjr+q5UIGGbXvHLoZ5SKyDuSuep3QPu6MP/gsgkRJpN2C9YfQLmlydg+0qHEDauZABGUTa//o/Wl7YE4NdI74yF5M/QDcmlTEME7n+Z2U4sfOHVsIZ8LkRlfQqIrCYAbXtofRkYp+02tFkVHribqZZtU43asdZuLQEgN9arm5+sLF3YIeamaFpoZOo/r8QmqAv+NcNPX40u4bZYEb/9BFKs
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-07-15T11:00:10Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload delivery"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"malware-sample\"",`
			`"misp:category=\"Payload delivery\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--5788c23b-b280-46cc-b101-41c1950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-15T11:00:11.000Z",`
			`"modified": "2016-07-15T11:00:11.000Z",`
			`"description": ".jse example",`
			`"pattern": "[file:name = '7.jse' AND file:hashes.SHA1 = 'cfd4c8391bf4c91c79d46b644df1c066b99ef65c']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-07-15T11:00:11Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload delivery"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"filename\|sha1\"",`
			`"misp:category=\"Payload delivery\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--5788c23c-9240-48c2-96f4-4abf950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-15T11:00:12.000Z",`
			`"modified": "2016-07-15T11:00:12.000Z",`
			`"description": ".jse example",`
			`"pattern": "[file:name = '7.jse' AND file:hashes.SHA256 = 'ba4963275463eaf55938e110e3665d512bebdb1250610b15e577f25069a04283']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-07-15T11:00:12Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload delivery"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"filename\|sha256\"",`
			`"misp:category=\"Payload delivery\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--5788c253-ed00-4cb9-b8ee-4121950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-15T11:00:35.000Z",`
			`"modified": "2016-07-15T11:00:35.000Z",`
			`"description": "downloaded malware",`
			"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIABJY70i/cbJQ3jcCAPWwAwAgABwANzAxNjA1ZTIyNGQyNDU1YmQzMGEyYTM3M2EyOWJlYThVVAkAA1PCiFdTwohXdXgLAAEEIQAAAAQhAAAAEbXMmdKxTapV5FgwI5TFGt81h/YpsSZHDyzlPfJXItdSPhP/Vzs1f0GGlW/JZJ+jtDKsWqhWTDZP4feUdohIhb5UxX87iuwQXscRQ3GkcrphKGzxtm6RfUByIx9ORH32w3LqD1M9Ik/EWsc4yXCUZePNt/2xRQZxSHXIx+xvgeaUvNqxzTS4rEmONcBjr0k0MSMFwJ7VYbSneyQxpzi8jYyHq7ruoqMY80pElz8WcMfd06MFfNQ7Wkm+qcqd3aaqNCTcBZesNa6jPSXThHv6uGHZXel9ZJXxpd1joPrs+xuwF/nKaeaWSzKBtg7ilqxKKaAHDkTmJfrDZoG4EaHKgbWQvit3YfY8O6Snp3SEU6o4oLICwkWy6oR0ycEj+n465pO79p7yIAzF1M2kPMg93hqLnqt57QuGobKK/WXcQk/vV0YMBUXDnCMCa+b9kBs3BnbkRRllzJfI9n7VXO41/HFYq9x2FSjegWkuV5TdiqVbirpHT2AQ0/pO9S/V66d+x7jbwj/g6GlmH23WQO6bXG41Za2c5rfZmavKttXM0QwLSvUOKZYNgC0jfWZJ0riYmrTlhx4uPLdFl9r707B6rvqsXbPqq09sVy0HZlWDuT0sQwO+KNEaIXC9dIikq0/NRf/XFGZmF+L8UYmmMed31BnCyrbwaC+kyt5XbnIs5UebXAvweuF5dlZ3452MAdOu6IoZvSkHEU4iL+BIYOkZiAe+pmlron3fCjA9cregA2NMv6lPPPQujGf8OavQHxBHw7P8Ih44e7VPwaMWjopIWEx0fPvvmVHkZwga5rnJn4IbOpt1a2/fPDdY1VHQdjNDJ/+ttKZA7gwTWeYX2jxnev7RDrq07w45An858FnGypqMa/oFFiCzR1drvdUDk71oES3K/cP+lf6AY7ZNUnPcn7WjzKDpgY7zJ13UQZ/sLNPGsdrZCdIxyUDSyPeESgJrv51sfPzyusnUiEJkYyCK1HF/PocofGojpeAvGOjjJKpu4XpMfL8aLouejNecZTFpUIP4BxB2+fgZ8cGpy9miVdzsgnG29wPNYwgn/hKgTwX4J5BHAYb0R+RGpRxTQxw/J29ZgnP8xBsxSinB+o6JyB+NsmRlk+J6RqtynGOEifYTke97Hzx7yZLhRGA4zTPqr0ya/9Wyri1lTfATfd4A2H+9u0+AJD9hUnzUc238zmQBpfB92j7IFkXNYNuD2tKcXB8ifH4Q67TPPDlOKVXu3TBXYHanUbxoZYswlXD8ZDbYl792eEkkBVzhnP7uUiCLOsjMUec9EmH68V7gDlAZeVpL3SiekX6iTLC8FdAaqLaWbdmrU/hK4L1rGBM14kEP8bWhpCFGwTCV8gyxsa3ZwEz+0lB6+vyLu0w4xUGQSGwWjKnwsHDBNlLvWGGiGNXmNwiQjR72Ru5TST1RNYceS+tbJE9bo+3LmfV7jKp9ISqaWXlSqCji6aa4rDwX4DY8Ou1yl7qAl5msEd96PlD85V0Ymc676XAztJG9XXqHQlPwog2LHFa7n1yHXGY7OPn5dkgytDLCRtiktfPlkJgga7B2wr5007oO4s0oCdV2SgaKVZ8s2w6YQuWW1KeC56Z+rm5anRSsb1dpqX10Zq1BY5BHCOuBv6z1Mv2UiVFFbQ4oxt8b/2p3qLZ6k3PM1xuebNwIsOCfjT5W+BYJVcKh8KgyA3J2IQjJo0sVqNlQG9VJIyNmLHEH7rh5rWrd/LV27W/duu9aogiFouAuaX5iBtSYl8YypDGeh0ZxSnKLKe76sLhAujl+KwfOYuUd3p5QHttbbTiOrgjHyprpM2Bbxlg/tuEs7w7hDI11gHmhSmV1w5WSDHwKpL9YLk5jBhU7a7dpEUFpenRO+RQaLtaqlsDxxiw0FW+aZd0U/agx5gDy07rfDQbtAUfQvNPZiYyID5l+ckNyhXPYN150z4ajuDrOH1CWMkpvOBGD/+Gl9ZbsdlzkYyNEJY+ujsWdqoL1REds9di9tGLDdBZTGCVX0AS04xp++jImHXJMNp5Jqty6CkSm94rrSDP7XfdPBm4X7n1TqaQ3fp2WlnfNYNI4EIEYnQsjAmkyYi4dYWKmJzr79w3gzVqby+G9XrO4S2siVPptRV9PzEei4fO5fsfB2tNPQWzX6gorFdHvsOYNqrbvs0dExyTvR6pMEr9n+0GIhZyvmC8WjtiYZc4W+ZTA66kFu987pgixybwhCP7x5mNONSbqaL3DqA/cZPjxq5By3hR05j3O8kR03qQ+zghwgsqyJlbNJxy8ETWhO+JJir3xyPLb8s+wuMMkhz/apH6v8RZa2nRktyRIlDq6q3Djc6bD8lZQHynyghpmjssd/5zdMHsEKQe5pCY3bz8QNozvNg/udYVBXgxWJVi26WPBomBC5SeicJ3QI1ELneLnuAQpdYMtSeR5DX0mFcaebTJwAMzsg0w8MtRyYQg7xJsoysIUpB00LLsgdqQu3iV1YRWWzT4KimI214dRVDZBZIYSSkx5/5cpb7Ia29K2OLGtURhu/ab5LAEsawaJQUXBFIHLkthywJxz27cuJltv3udpSqUaD9zGIYjTyRdn1LT4+zXyqgrqJ7o5UGLN9Uhh8QzCEHWZHJypxtTrdDjuR0p2RbC8KXwW0HQQD+rUXXQhP92P8o8AGnIsGVsDSjW2uu3JkzXh7pcx7eFYYtDxaKXexxJXI++Qm9rUtkB14O5X/Sh5cAlUGOEnxd9N/mwHhNYlVX1EhGSOEIualieskj0T13IC41WRk1JeYIuXZqWYjWLT5bOW39shWub+oppXANc34BMKYLSrhSNhtQdpeR15XWfJcFhA5r/ktc74lEwjM1uNguhB7zvNx4Arw6rpYDw4uMhBE6d8GNvNnPwRlmdg7BGF1F72/GZa/zdi7uTm5uYlD1ru0mGmwK/+thHSIbUf1dPPwvAKd2gsqABRSQrBYWEY1gGsVt4EWqkOtrNoujrDhXbm+lCvs6dV6xNQciRtEznHoU8uVdZapQgbGj7bAzvq74g3uxXuS+ESYmzq2r8Lw5/0HJD0naeInZOmBu9+qiFaKUg2IFhetNNrs0eft/vAhHvQjnWp4hq5iwkvxTX6V4Uz8t2+ifOZ+XZfXkUl7Y+QjSBq18Mm82uqtwT0Jp1PXNTtBKfTc1uB9Rxh1F56FRnlKpfuSp4ENd6aZtYI8CQ7hkVRvAjiqc2B7jELqfH8yd9Y/mx+c4liACZuiZRdPPqq9JATzB6F4VkakyyyMFaOeiP00UxFtBvVI4tOF5e0bsVlXlcmzXkPev6GHJ9AwsDzAaTIE+ST1OwXvR7xGSqMU76OVuUZeDjuDyz0SyOCaXacjD1Eowbm3Z8jdoUXpu/zLqRVBCq4vr1Hi/C/Dvm/d4NnN4RKTOq7GP2lyoy/o1bBmEHaSLTjK7RJH89Z+8hJr3Fx9MSwOGR5N50ySa5Ydtom77kUWp/qS2gh2wB/PR2t1EuwhXiVdy4FUjUX6Zk8FoFeF3gIrkB1D0tfn5Q7lo2KY1qwfUu+BqWmJccb5K3flCmGuiWOvyHC4E4B342d1oV5EztZ/HB6AqOT1lyZjLeZT5hbttt6c+d0FmbJw94bhNCiFnWjL8q93KqMuxvesvIcvklBO2OHpxtQV5dw6rkE44bOpOe51Hr/0UjsgoRLq6rRuxs6gn+eq5UrGtCjF7uujHZ3qyUVLYBcHwG4JN9C4AMxCZt4jP7o3uuj8HKYLW/WV6uUrq3xoyi6LaFGEX+y3DpJKqI/TxLThv4Bt+ucdPjH5lPaY77fPLQmOFA6z1TR0FiG6qi4dkNUzESM4bXFfWkEocmLel0zW7tG/HyuEK+Ho/Su45lyiyDDplgVF03ipexoUi0QznS7TxDrDQYhyS2kyxlbZo+Z/1oeRDTVUodAT3PCMB7WCMQ+ReDcn5hY23
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-07-15T11:00:35Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload delivery"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"malware-sample\"",`
			`"misp:category=\"Payload delivery\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--5788c254-42d0-4fe5-a3b8-457d950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-15T11:00:36.000Z",`
			`"modified": "2016-07-15T11:00:36.000Z",`
			`"description": "downloaded malware",`
			`"pattern": "[file:name = 'b1' AND file:hashes.SHA1 = '4d2fc5119c15c7fd88c22224b937fdfcf160c280']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-07-15T11:00:36Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload delivery"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"filename\|sha1\"",`
			`"misp:category=\"Payload delivery\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "indicator",`
			`"spec_version": "2.1",`
			`"id": "indicator--5788c255-fde0-49c7-a70f-40c0950d210f",`
			`"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",`
			`"created": "2016-07-15T11:00:37.000Z",`
			`"modified": "2016-07-15T11:00:37.000Z",`
			`"description": "downloaded malware",`
			`"pattern": "[file:name = 'b1' AND file:hashes.SHA256 = '33e7e1ae86855d57ba51657c122c74a34afa85b8267815462a66ceed965a2297']",`
			`"pattern_type": "stix",`
			`"pattern_version": "2.1",`
			`"valid_from": "2016-07-15T11:00:37Z",`
			`"kill_chain_phases": [`
			`{`
			`"kill_chain_name": "misp-category",`
			`"phase_name": "Payload delivery"`
			`}`
			`],`
			`"labels": [`
			`"misp:type=\"filename\|sha256\"",`
			`"misp:category=\"Payload delivery\"",`
			`"misp:to_ids=\"True\""`
			`]`
			`},`
			`{`
			`"type": "marking-definition",`
			`"spec_version": "2.1",`
			`"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",`
			`"created": "2017-01-20T00:00:00.000Z",`
			`"definition_type": "tlp",`
			`"name": "TLP:WHITE",`
			`"definition": {`
			`"tlp": "white"`
			`}`
			`}`
			`]`
			`}`