misp-circl-feed/feeds/circl/stix-2.1/57ee6d8c-0650-4c8a-9dfa-4f31950d210f.json

571 lines
23 KiB
JSON
Raw Permalink Normal View History

2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--57ee6d8c-0650-4c8a-9dfa-4f31950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:41.000Z",
"modified": "2016-09-30T13:50:41.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--57ee6d8c-0650-4c8a-9dfa-4f31950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:41.000Z",
"modified": "2016-09-30T13:50:41.000Z",
"name": "Malspam 2016-09-30 (.wsf in .zip) - campaign: \"Parcel details\"",
"published": "2016-09-30T13:51:03Z",
"object_refs": [
"indicator--57ee6dad-290c-4123-8016-4cea950d210f",
"indicator--57ee6dad-a9d4-4132-a115-48e9950d210f",
"indicator--57ee6dad-5aac-461c-802c-477d950d210f",
"indicator--57ee6dae-9d28-44cc-9830-4145950d210f",
"indicator--57ee6dae-59b4-476d-8846-4e81950d210f",
"indicator--57ee6dae-a418-4f7e-8fdd-4164950d210f",
"indicator--57ee6dae-5318-4955-ad4d-4526950d210f",
"indicator--57ee6dae-79b0-42c8-aa35-4fad950d210f",
"indicator--57ee6daf-bf6c-4433-9dd7-44bd950d210f",
"indicator--57ee6daf-9788-4ce7-b4fd-469c950d210f",
"indicator--57ee6daf-bac4-40a2-8029-405f950d210f",
"indicator--57ee6daf-07e0-4e9b-9757-4264950d210f",
"indicator--57ee6daf-1d54-4a2a-aaa8-4dc2950d210f",
"indicator--57ee6db0-4814-4305-b92b-4530950d210f",
"indicator--57ee6db0-4000-4f2f-b351-4f04950d210f",
"indicator--57ee6db0-7d7c-4a67-a70e-449e950d210f",
"indicator--57ee6db0-a2c4-4fdf-a57a-419f950d210f",
"indicator--57ee6db1-8edc-4932-8b75-4740950d210f",
"indicator--57ee6db1-a7f0-4039-881f-4c90950d210f",
"indicator--57ee6db1-bca4-4371-b87b-4421950d210f",
"indicator--57ee6db1-78f4-4ec2-97cc-4090950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"circl:incident-classification=\"malware\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6dad-290c-4123-8016-4cea950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:37.000Z",
"modified": "2016-09-30T13:50:37.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.6.196.150']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6dad-a9d4-4132-a115-48e9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:37.000Z",
"modified": "2016-09-30T13:50:37.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.180.50.231']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6dad-5aac-461c-802c-477d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:37.000Z",
"modified": "2016-09-30T13:50:37.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '190.147.38.2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6dae-9d28-44cc-9830-4145950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:38.000Z",
"modified": "2016-09-30T13:50:38.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.254.128.73']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6dae-59b4-476d-8846-4e81950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:38.000Z",
"modified": "2016-09-30T13:50:38.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.210.120.156']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6dae-a418-4f7e-8fdd-4164950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:38.000Z",
"modified": "2016-09-30T13:50:38.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '66.117.4.26']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6dae-5318-4955-ad4d-4526950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:38.000Z",
"modified": "2016-09-30T13:50:38.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.9.63.225']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6dae-79b0-42c8-aa35-4fad950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:38.000Z",
"modified": "2016-09-30T13:50:38.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'drugvacoa.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6daf-bf6c-4433-9dd7-44bd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:39.000Z",
"modified": "2016-09-30T13:50:39.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'greenshootmedia.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6daf-9788-4ce7-b4fd-469c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:39.000Z",
"modified": "2016-09-30T13:50:39.000Z",
"description": "download location",
"pattern": "[url:value = 'http://drugvacoa.net/6n00x']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6daf-bac4-40a2-8029-405f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:39.000Z",
"modified": "2016-09-30T13:50:39.000Z",
"description": "download location",
"pattern": "[url:value = 'http://greenshootmedia.com/w1zanty']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6daf-07e0-4e9b-9757-4264950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:39.000Z",
"modified": "2016-09-30T13:50:39.000Z",
"description": "download location",
"pattern": "[url:value = 'http://lust-vodka.com/fom7aof']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6daf-1d54-4a2a-aaa8-4dc2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:39.000Z",
"modified": "2016-09-30T13:50:39.000Z",
"description": "download location",
"pattern": "[url:value = 'http://puchipuchivirus.com/vvkqo7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6db0-4814-4305-b92b-4530950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:40.000Z",
"modified": "2016-09-30T13:50:40.000Z",
"description": "download location",
"pattern": "[url:value = 'http://resboiu.ro/fpcmb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6db0-4000-4f2f-b351-4f04950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:40.000Z",
"modified": "2016-09-30T13:50:40.000Z",
"description": "download location",
"pattern": "[url:value = 'http://room8008.com/g44ntci1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6db0-7d7c-4a67-a70e-449e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:40.000Z",
"modified": "2016-09-30T13:50:40.000Z",
"description": "download location",
"pattern": "[url:value = 'http://unityquire.com/1nloic']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6db0-a2c4-4fdf-a57a-419f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:40.000Z",
"modified": "2016-09-30T13:50:40.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'lust-vodka.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6db1-8edc-4932-8b75-4740950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:41.000Z",
"modified": "2016-09-30T13:50:41.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'puchipuchivirus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6db1-a7f0-4039-881f-4c90950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:41.000Z",
"modified": "2016-09-30T13:50:41.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'resboiu.ro']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6db1-bca4-4371-b87b-4421950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:41.000Z",
"modified": "2016-09-30T13:50:41.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'room8008.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57ee6db1-78f4-4ec2-97cc-4090950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-09-30T13:50:41.000Z",
"modified": "2016-09-30T13:50:41.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'unityquire.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-09-30T13:50:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}