adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/5c5331ac-c160-4a17-a34f-3da568f8e8cf.json

352 lines
14 KiB
JSON
Raw Permalink Normal View History

chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--5c5331ac-c160-4a17-a34f-3da568f8e8cf",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--5bfa439e-c978-4dcd-b474-73f568f8e8cf",
"created": "2019-01-31T20:35:34.000Z",
"modified": "2019-01-31T20:35:34.000Z",
"name": "VK-Intel",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5c5331ac-c160-4a17-a34f-3da568f8e8cf",
"created_by_ref": "identity--5bfa439e-c978-4dcd-b474-73f568f8e8cf",
"created": "2019-01-31T20:35:34.000Z",
"modified": "2019-01-31T20:35:34.000Z",
"name": "2019-01-31: ISFB v2 Installs Dridex \"3101\"",
"published": "2019-01-31T20:35:39Z",
"object_refs": [
"indicator--5c5331ac-9784-4e2e-8d87-3da568f8e8cf",
"indicator--5c5333e3-bdc0-4d4d-88bc-3a8868f8e8cf",
"indicator--5c5333f8-415c-4a90-9d03-3a8768f8e8cf",
"indicator--5c533442-dcc4-4cf9-96b3-3da768f8e8cf",
"indicator--5c53345e-faf4-4d87-a9d4-3daa68f8e8cf",
"indicator--5c533480-1348-48e5-a808-512d68f8e8cf",
"indicator--5c533480-206c-40d1-9d3c-512d68f8e8cf",
"indicator--5c533480-1eb8-458f-8481-512d68f8e8cf",
"indicator--5c5334cd-ffdc-4fd3-8666-3a8f68f8e8cf",
"indicator--5c5334cd-32e4-47ec-90a2-3a8f68f8e8cf",
"indicator--5c5334cd-93e0-4733-a743-3a8f68f8e8cf",
"indicator--5c53369e-a31c-4875-9c94-513268f8e8cf"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"Banker: Gozi ISFB v2",
"Banker: Dridex",
"Botnet \"3101\"",
"10291029JSJUYNHG",
"misp-galaxy:malpedia=\"Dridex\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c5331ac-9784-4e2e-8d87-3da568f8e8cf",
"created_by_ref": "identity--5bfa439e-c978-4dcd-b474-73f568f8e8cf",
"created": "2019-01-31T17:34:36.000Z",
"modified": "2019-01-31T17:34:36.000Z",
"pattern": "[file:hashes.MD5 = 'dc0cf61f5118914e13699fc94419815a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-31T17:34:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c5333e3-bdc0-4d4d-88bc-3a8868f8e8cf",
"created_by_ref": "identity--5bfa439e-c978-4dcd-b474-73f568f8e8cf",
"created": "2019-01-31T17:44:03.000Z",
"modified": "2019-01-31T17:44:03.000Z",
"description": "ISFB v2 Unpacked",
"pattern": "[file:hashes.MD5 = 'dc0cf61f5118914e13699fc94419815a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-31T17:44:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload installation"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload installation\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c5333f8-415c-4a90-9d03-3a8768f8e8cf",
"created_by_ref": "identity--5bfa439e-c978-4dcd-b474-73f568f8e8cf",
"created": "2019-01-31T17:44:24.000Z",
"modified": "2019-01-31T17:44:24.000Z",
"description": "ISFB v2 Loader packed",
"pattern": "[file:hashes.MD5 = 'd81e207b6ab5630b9f77b8ef383d9adc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-31T17:44:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload installation"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload installation\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c533442-dcc4-4cf9-96b3-3da768f8e8cf",
"created_by_ref": "identity--5bfa439e-c978-4dcd-b474-73f568f8e8cf",
"created": "2019-01-31T17:45:38.000Z",
"modified": "2019-01-31T17:45:38.000Z",
"description": "Dridex Loader 3101",
"pattern": "[file:hashes.MD5 = '80c732191c362d74f1bad004335e4432']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-31T17:45:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload installation"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload installation\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c53345e-faf4-4d87-a9d4-3daa68f8e8cf",
"created_by_ref": "identity--5bfa439e-c978-4dcd-b474-73f568f8e8cf",
"created": "2019-01-31T17:46:06.000Z",
"modified": "2019-01-31T17:46:06.000Z",
"description": "Dridex Hooker",
"pattern": "[file:hashes.MD5 = 'd987c99fb2afc70bf0df8e05216da356']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-31T17:46:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload installation"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload installation\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c533480-1348-48e5-a808-512d68f8e8cf",
"created_by_ref": "identity--5bfa439e-c978-4dcd-b474-73f568f8e8cf",
"created": "2019-01-31T17:46:40.000Z",
"modified": "2019-01-31T17:46:40.000Z",
"description": "Gozi ISFB v2 Config",
"pattern": "[domain-name:value = 'taileenanahi.company']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-31T17:46:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c533480-206c-40d1-9d3c-512d68f8e8cf",
"created_by_ref": "identity--5bfa439e-c978-4dcd-b474-73f568f8e8cf",
"created": "2019-01-31T17:46:40.000Z",
"modified": "2019-01-31T17:46:40.000Z",
"description": "Gozi ISFB v2 Config",
"pattern": "[domain-name:value = 'f60vinnie75.city']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-31T17:46:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c533480-1eb8-458f-8481-512d68f8e8cf",
"created_by_ref": "identity--5bfa439e-c978-4dcd-b474-73f568f8e8cf",
"created": "2019-01-31T17:46:40.000Z",
"modified": "2019-01-31T17:46:40.000Z",
"description": "Gozi ISFB v2 Config",
"pattern": "[domain-name:value = 'h5441eqzey.fun']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-31T17:46:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c5334cd-ffdc-4fd3-8666-3a8f68f8e8cf",
"created_by_ref": "identity--5bfa439e-c978-4dcd-b474-73f568f8e8cf",
"created": "2019-01-31T17:47:57.000Z",
"modified": "2019-01-31T17:47:57.000Z",
"description": "Dridex 3101 Config",
"pattern": "[url:value = '185.236.76.35:443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-31T17:47:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c5334cd-32e4-47ec-90a2-3a8f68f8e8cf",
"created_by_ref": "identity--5bfa439e-c978-4dcd-b474-73f568f8e8cf",
"created": "2019-01-31T17:47:57.000Z",
"modified": "2019-01-31T17:47:57.000Z",
"description": "Dridex 3101 Config",
"pattern": "[url:value = '185.158.251.13:443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-31T17:47:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c5334cd-93e0-4733-a743-3a8f68f8e8cf",
"created_by_ref": "identity--5bfa439e-c978-4dcd-b474-73f568f8e8cf",
"created": "2019-01-31T17:47:57.000Z",
"modified": "2019-01-31T17:47:57.000Z",
"description": "Dridex 3101 Config",
"pattern": "[url:value = '5.188.232.210:443']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-31T17:47:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c53369e-a31c-4875-9c94-513268f8e8cf",
"created_by_ref": "identity--5bfa439e-c978-4dcd-b474-73f568f8e8cf",
"created": "2019-01-31T17:55:42.000Z",
"modified": "2019-01-31T17:55:42.000Z",
"description": "ISFB v214.06 Loader Unpacked",
"pattern": "[file:hashes.MD5 = '96deee3639b433eedebbbbc15ee56787']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-01-31T17:55:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload installation"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload installation\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue Copy permalink