|
{
|
||
|
"type": "bundle",
|
||
|
"id": "bundle--5b06a89d-64d4-4643-a41e-c25d0acd0835",
|
||
|
"objects": [
|
||
|
{
|
||
|
"type": "identity",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2021-09-07T20:08:26.000Z",
|
||
|
"modified": "2021-09-07T20:08:26.000Z",
|
||
|
"name": "Synovus Financial",
|
||
|
"identity_class": "organization"
|
||
|
},
|
||
|
{
|
||
|
"type": "report",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "report--5b06a89d-64d4-4643-a41e-c25d0acd0835",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2021-09-07T20:08:26.000Z",
|
||
|
"modified": "2021-09-07T20:08:26.000Z",
|
||
|
"name": "Emotet - 5/17/2018",
|
||
|
"published": "2020-06-29T12:48:29Z",
|
||
|
"object_refs": [
|
||
|
"observed-data--a3ee94ef-45dd-4021-9849-6e184f711f65",
|
||
|
"url--a3ee94ef-45dd-4021-9849-6e184f711f65",
|
||
|
"indicator--51cd1cd4-d58a-4286-b82f-c3d13dbabd18",
|
||
|
"indicator--6a6cf69a-cb94-4830-ac00-cb11c14eb9ae",
|
||
|
"indicator--eda81c14-c468-47d2-8c39-f13a128cf56e",
|
||
|
"indicator--f742f7a5-2694-4792-b32e-467b9470cb10",
|
||
|
"indicator--997ce30f-b837-4c81-8a33-df3a07f618b5",
|
||
|
"indicator--b6167eec-15a9-454a-93ee-727eca6ce939",
|
||
|
"indicator--d7cde6b5-84e6-42b1-9cf3-e90bf9872808",
|
||
|
"indicator--8a0152ea-c5bf-4ee5-ad92-8a9bc0458a88",
|
||
|
"indicator--04c0f1b6-e6ce-468c-b9db-bc6b3ed95d00",
|
||
|
"indicator--1ff3037b-72d9-4b2f-91b8-41d293f97c9a",
|
||
|
"indicator--b508a0b5-4343-4c8d-b19b-4c602e571aae",
|
||
|
"indicator--c421a999-6f8d-4c1e-9f52-9eaacab64705",
|
||
|
"indicator--6a8909b9-4fb4-4cc4-b7ef-77db1c439db0",
|
||
|
"indicator--cabab3f8-7af3-4deb-a43f-56dab6fbdd7d",
|
||
|
"indicator--966d319d-fa42-4402-af74-ef24b772cff4",
|
||
|
"indicator--83acd0a0-d86f-42ca-9783-3a94da9623b4",
|
||
|
"indicator--b89709fc-08e8-498e-8eec-9476f5aedd05",
|
||
|
"indicator--c9b49e56-1c70-41d0-a4d8-68096d77578b",
|
||
|
"indicator--dc4a577f-bab7-47a4-bbdc-dd3a4198ec61",
|
||
|
"indicator--fb4fada3-d010-4cd6-b0cf-fd0057611274",
|
||
|
"indicator--0889008a-886f-44f4-bac8-ac03a687ab50",
|
||
|
"indicator--7a60ebc3-2d5e-4648-8336-30f08eac9963",
|
||
|
"indicator--a5ea34a5-bd49-4127-bd0c-ffab558aaa61",
|
||
|
"indicator--91eb3247-baee-4c7f-8972-c6ef46f68efc"
|
||
|
],
|
||
|
"labels": [
|
||
|
"Threat-Report",
|
||
|
"misp:tool=\"MISP-STIX-Converter\"",
|
||
|
"misp-galaxy:tool=\"Emotet\""
|
||
|
],
|
||
|
"object_marking_refs": [
|
||
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--a3ee94ef-45dd-4021-9849-6e184f711f65",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-08-23T14:53:29.000Z",
|
||
|
"modified": "2018-08-23T14:53:29.000Z",
|
||
|
"first_observed": "2018-08-23T14:53:29Z",
|
||
|
"last_observed": "2018-08-23T14:53:29Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--a3ee94ef-45dd-4021-9849-6e184f711f65"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--a3ee94ef-45dd-4021-9849-6e184f711f65",
|
||
|
"value": "https://protonmail.com"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--51cd1cd4-d58a-4286-b82f-c3d13dbabd18",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:57:35.000Z",
|
||
|
"modified": "2018-05-24T11:57:35.000Z",
|
||
|
"pattern": "[url:value = 'http://die-tauchbar.de/0sqozcr7t/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:57:35Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--6a6cf69a-cb94-4830-ac00-cb11c14eb9ae",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:57:41.000Z",
|
||
|
"modified": "2018-05-24T11:57:41.000Z",
|
||
|
"pattern": "[url:value = 'http://angelabphotography.com/odTXjg2LUj/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:57:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--eda81c14-c468-47d2-8c39-f13a128cf56e",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:57:48.000Z",
|
||
|
"modified": "2018-05-24T11:57:48.000Z",
|
||
|
"pattern": "[url:value = 'http://davehale.co.uk/PEi9fva6/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:57:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--f742f7a5-2694-4792-b32e-467b9470cb10",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:57:54.000Z",
|
||
|
"modified": "2018-05-24T11:57:54.000Z",
|
||
|
"pattern": "[url:value = 'https://computerspendehamburg.de/AZ0d3f2/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:57:54Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--997ce30f-b837-4c81-8a33-df3a07f618b5",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:58:00.000Z",
|
||
|
"modified": "2018-05-24T11:58:00.000Z",
|
||
|
"pattern": "[url:value = 'http://cedric-2000.de/2ZKr9GWOTYfA/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:58:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--b6167eec-15a9-454a-93ee-727eca6ce939",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:58:06.000Z",
|
||
|
"modified": "2018-05-24T11:58:06.000Z",
|
||
|
"pattern": "[url:value = 'http://amicidisantorfeto.com/xqib2HviBaMVX/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:58:06Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--d7cde6b5-84e6-42b1-9cf3-e90bf9872808",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:58:12.000Z",
|
||
|
"modified": "2018-05-24T11:58:12.000Z",
|
||
|
"pattern": "[url:value = 'http://jackhonky.com/jHCmUpcpWY/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:58:12Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--8a0152ea-c5bf-4ee5-ad92-8a9bc0458a88",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:58:18.000Z",
|
||
|
"modified": "2018-05-24T11:58:18.000Z",
|
||
|
"pattern": "[url:value = 'http://lewistonsports.com/Tc9KflZQff/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:58:18Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--04c0f1b6-e6ce-468c-b9db-bc6b3ed95d00",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:58:24.000Z",
|
||
|
"modified": "2018-05-24T11:58:24.000Z",
|
||
|
"pattern": "[url:value = 'http://brownaudio.com/HIKvfaK4i00N/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:58:24Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--1ff3037b-72d9-4b2f-91b8-41d293f97c9a",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:58:30.000Z",
|
||
|
"modified": "2018-05-24T11:58:30.000Z",
|
||
|
"pattern": "[url:value = 'http://iceraven.com/wiqK7wrood/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:58:30Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--b508a0b5-4343-4c8d-b19b-4c602e571aae",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:58:36.000Z",
|
||
|
"modified": "2018-05-24T11:58:36.000Z",
|
||
|
"pattern": "[url:value = 'http://eliaswessel.com/xwlNVbDXquiHb/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:58:36Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--c421a999-6f8d-4c1e-9f52-9eaacab64705",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:58:42.000Z",
|
||
|
"modified": "2018-05-24T11:58:42.000Z",
|
||
|
"pattern": "[url:value = 'http://eiskugel.org/0x62gdvG/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:58:42Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--6a8909b9-4fb4-4cc4-b7ef-77db1c439db0",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:58:48.000Z",
|
||
|
"modified": "2018-05-24T11:58:48.000Z",
|
||
|
"pattern": "[url:value = 'http://fam-koenig.de/WI08F7EB5xfSb/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:58:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--cabab3f8-7af3-4deb-a43f-56dab6fbdd7d",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:58:54.000Z",
|
||
|
"modified": "2018-05-24T11:58:54.000Z",
|
||
|
"pattern": "[url:value = 'http://bernardesdias.com.br/Tp3pGZcNeFgf/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:58:54Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--966d319d-fa42-4402-af74-ef24b772cff4",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:59:00.000Z",
|
||
|
"modified": "2018-05-24T11:59:00.000Z",
|
||
|
"pattern": "[url:value = 'http://prokeyboardist.com/0qLVjK7JgMX/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:59:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--83acd0a0-d86f-42ca-9783-3a94da9623b4",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:59:07.000Z",
|
||
|
"modified": "2018-05-24T11:59:07.000Z",
|
||
|
"pattern": "[url:value = 'http://jorgensenco.dk/DY4MWPI/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:59:07Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--b89709fc-08e8-498e-8eec-9476f5aedd05",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:59:13.000Z",
|
||
|
"modified": "2018-05-24T11:59:13.000Z",
|
||
|
"pattern": "[url:value = 'http://fischereiverein-dotternhausen.de/o6q0hhj9s/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:59:13Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--c9b49e56-1c70-41d0-a4d8-68096d77578b",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:59:19.000Z",
|
||
|
"modified": "2018-05-24T11:59:19.000Z",
|
||
|
"pattern": "[url:value = 'http://imagemarketingwest.com/Rv72B/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:59:19Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--dc4a577f-bab7-47a4-bbdc-dd3a4198ec61",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:59:25.000Z",
|
||
|
"modified": "2018-05-24T11:59:25.000Z",
|
||
|
"pattern": "[url:value = 'https://jaseminedenise.com/ycxPnqQ/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:59:25Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--fb4fada3-d010-4cd6-b0cf-fd0057611274",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:59:31.000Z",
|
||
|
"modified": "2018-05-24T11:59:31.000Z",
|
||
|
"pattern": "[url:value = 'http://leavemeinstitches.com/ZLYU/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:59:31Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--0889008a-886f-44f4-bac8-ac03a687ab50",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:59:37.000Z",
|
||
|
"modified": "2018-05-24T11:59:37.000Z",
|
||
|
"pattern": "[url:value = 'http://jsaphotoarts.com/0s4G/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:59:37Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--7a60ebc3-2d5e-4648-8336-30f08eac9963",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T11:59:44.000Z",
|
||
|
"modified": "2018-05-24T11:59:44.000Z",
|
||
|
"pattern": "[url:value = 'http://downinthecountry.com/pW3xNW/']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T11:59:44Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--a5ea34a5-bd49-4127-bd0c-ffab558aaa61",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T12:02:06.000Z",
|
||
|
"modified": "2018-05-24T12:02:06.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.21.67.85']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T12:02:06Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--91eb3247-baee-4c7f-8972-c6ef46f68efc",
|
||
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
||
|
"created": "2018-05-24T12:02:09.000Z",
|
||
|
"modified": "2018-05-24T12:02:09.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.120.170.231']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2018-05-24T12:02:09Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "marking-definition",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
||
|
"created": "2017-01-20T00:00:00.000Z",
|
||
|
"definition_type": "tlp",
|
||
|
"name": "TLP:WHITE",
|
||
|
"definition": {
|
||
|
"tlp": "white"
|
||
|
}
|
||
|
}
|
||
|
]
|
||
|
}
|