misp-circl-feed/feeds/circl/misp/08af4546-b6e5-4cdc-ab0f-d5290dec8307.json

{
"type": "bundle",
"id": "bundle--08af4546-b6e5-4cdc-ab0f-d5290dec8307",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-10-10T18:09:51.000Z",
"modified": "2023-10-10T18:09:51.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--08af4546-b6e5-4cdc-ab0f-d5290dec8307",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-10-10T18:09:51.000Z",
"modified": "2023-10-10T18:09:51.000Z",
"name": "AA23-250A: Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475",
"published": "2023-10-10T18:10:13Z",
"object_refs": [
"indicator--29a23e64-3f04-4059-b5dc-3c107cfaa2ee",
"indicator--d58c69ca-37bb-4365-9c39-06866104c51a",
"indicator--af055e61-18a6-4f48-b8d2-70a618d8d963",
"indicator--69a47521-51ec-43b5-b017-2336e4095dd0",
"indicator--f7125e4d-5901-4030-b65b-60652e11b9ed",
"indicator--a129705a-4f65-4be6-b642-9c6447e79f5b",
"indicator--756adba7-c4fb-42e8-97e3-261b920a5a9c",
"indicator--38a421c9-f604-476d-8b68-f3e0495deedd",
"indicator--2c644d8f-00bd-4495-ae61-eea1f88178be",
"indicator--549618d5-01ba-4827-a42e-5b76f458fb07",
"indicator--e56bf5af-2fbf-4d76-b6ea-1680e37da537",
"indicator--7b3994a9-fc1d-4f5c-b3fc-338bf868dd7d",
"indicator--acf17c01-604f-4389-b045-cbf91f19872c",
"indicator--b0185157-6c58-45f2-bc6e-d20bba8c704e",
"indicator--42e8bb8d-fd22-4e9e-8007-68cb2c414c76",
"indicator--3d465228-0d62-45af-bc6d-d3937f0fe010",
"indicator--a7384582-e1bb-4517-97d8-a155ce331e36",
"indicator--687da116-4e80-41c7-a9dc-651251cd4119",
"indicator--fe5a6cfa-e45f-4d6d-bd1f-3181f13bf5c3",
"indicator--0f5b5908-314b-4e1d-a2ef-815431f2aeae",
"indicator--171a8786-25e7-4990-8481-2d544656eea5",
"indicator--c877ade3-6962-446e-a18e-5afe577af079",
"indicator--bc20b137-373e-40ba-90c0-988b89eaddc1",
"indicator--a2388459-6096-47ce-85f4-32d97326c0ce",
"indicator--5bd757b4-c470-4ce4-9d37-c8766e6a289b",
"indicator--e9ff170a-f28d-4a0d-8e32-2beeaaf94360",
"indicator--900caf89-3409-4f27-8f95-92c188df2a93",
"indicator--f4e8bd8c-7cbc-4630-8610-861e3d684d57",
"indicator--b2b8b925-8ec5-435f-b4e5-874a1e4dc598",
"indicator--2ecb5c9c-f6b7-4b49-affd-5de8c9c8862b",
"x-misp-object--a7c6ce3c-81e2-4e9a-a964-cea196615b3e"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"misp-galaxy:stix-2.1-attack-pattern=\"041bc611-87da-4ad4-a46b-b37926180b7d\"",
"misp-galaxy:stix-2.1-attack-pattern=\"e56fb691-4acb-4a45-890f-9988ca8e1db1\"",
"misp-galaxy:stix-2.1-attack-pattern=\"89ec2169-2205-4c7e-95e2-11d3e85443a4\"",
"misp-galaxy:stix-2.1-attack-pattern=\"719b79ce-4e59-4862-8d3e-282b97124d57\"",
"misp-galaxy:stix-2.1-attack-pattern=\"bbd6c5d0-6c1f-41db-8591-6be6c853af15\"",
"misp-galaxy:stix-2.1-attack-pattern=\"3456fa61-e230-42b8-b100-d1cf560ba095\"",
"misp-galaxy:stix-2.1-attack-pattern=\"2c373316-6ce5-4f43-9daf-02c94cb0c0a5\"",
"misp-galaxy:stix-2.1-attack-pattern=\"0eea33ef-23b6-413e-9e29-3f06b0fe9c9e\"",
"misp-galaxy:stix-2.1-attack-pattern=\"edc3317c-b298-4364-8977-486afac37cb5\"",
"misp-galaxy:stix-2.1-attack-pattern=\"69d1635c-cd2b-4331-8a2c-8b66e98f45d8\"",
"misp-galaxy:stix-2.1-attack-pattern=\"343f4ca7-4745-4f12-ad76-25538936deea\"",
"misp-galaxy:stix-2.1-attack-pattern=\"a860bd61-390f-4a33-976e-9d421c245615\"",
"misp-galaxy:stix-2.1-attack-pattern=\"ce5ab594-3c59-45af-8338-65901d1d027c\"",
"misp-galaxy:stix-2.1-attack-pattern=\"8ef65734-9d51-48d4-aea6-fc775f92f4fa\"",
"misp-galaxy:stix-2.1-attack-pattern=\"5b330985-0104-4097-a7b7-eac5fd65322f\"",
"misp-galaxy:stix-2.1-attack-pattern=\"fc5b8a15-c3de-4c93-803a-ce92b76e54e7\"",
"misp-galaxy:stix-2.1-attack-pattern=\"c57876e5-099a-4b04-8f09-6ff9cf266048\"",
"misp-galaxy:stix-2.1-attack-pattern=\"fd846751-22ce-46b4-a232-cc4f8797596c\"",
"misp-galaxy:stix-2.1-attack-pattern=\"691e655e-5f24-4a03-9742-10c04e70e81c\"",
"misp-galaxy:stix-2.1-attack-pattern=\"7b8278a3-fae9-455a-aad6-475a51d8ec78\"",
"misp-galaxy:stix-2.1-attack-pattern=\"6fde81c5-4e69-4e50-b065-d1f40160d688\"",
"misp-galaxy:stix-2.1-attack-pattern=\"fc682b58-a253-40a6-b734-214d976b1209\"",
"misp-galaxy:stix-2.1-attack-pattern=\"3cbb3d7b-4cae-4c7e-a682-e8b70e3f1ee4\"",
"misp-galaxy:stix-2.1-attack-pattern=\"d574506b-78ac-4061-b01f-096e192435b9\"",
"misp-galaxy:stix-2.1-attack-pattern=\"f01496d3-6783-4574-b690-55d1c058658b\"",
"misp-galaxy:stix-2.1-attack-pattern=\"49168b08-e6dd-40a0-acbf-c3ad19629c10\"",
"misp-galaxy:stix-2.1-attack-pattern=\"f73cb603-750c-4b48-b539-2981bd11f4f8\"",
"misp-galaxy:stix-2.1-attack-pattern=\"75ebee53-fa0b-40a5-a03b-086b1ad78ae6\"",
"misp-galaxy:stix-2.1-attack-pattern=\"cdba188f-b6e9-4d05-8c71-55c2635f18ee\"",
"misp-galaxy:stix-2.1-attack-pattern=\"2d3008ec-0ef3-4040-ad90-02bfffcbcb4f\"",
"misp-galaxy:stix-2.1-attack-pattern=\"b657c846-82a5-49d4-a21a-c03333b3e084\"",
"misp-galaxy:stix-2.1-attack-pattern=\"66ab02e2-e21d-411d-95aa-c10d2b6af7bc\"",
"misp-galaxy:stix-2.1-attack-pattern=\"e5d5721d-7dac-4c8f-ad36-40d68e7b2cf1\"",
"misp-galaxy:stix-2.1-attack-pattern=\"ad406ffd-dc56-467f-a3d1-d5766a19088d\"",
"misp-galaxy:stix-2.1-attack-pattern=\"126cf03a-a600-4214-b0c1-ff3a96da40d3\"",
"misp-galaxy:stix-2.1-attack-pattern=\"d300ed74-db05-4581-9313-2d6c3c49bb40\"",
"misp-galaxy:stix-2.1-attack-pattern=\"af1564b9-286f-4fd9-a083-eaa0c45e7ea4\"",
"misp-galaxy:stix-2.1-attack-pattern=\"7c4ba5a6-711b-4cd1-be8a-e2f08bfbc184\"",
"misp-galaxy:stix-2.1-attack-pattern=\"031d44b0-5163-4433-8d8f-f5e2c170746a\"",
"misp-galaxy:stix-2.1-attack-pattern=\"bd7ea606-6be2-4e66-8e25-0aa73bbfaf53\"",
"misp-galaxy:stix-2.1-attack-pattern=\"a4c8d6ab-0459-4347-a05a-280aa81d8edd\"",
"misp-galaxy:stix-2.1-attack-pattern=\"296cae9a-96c9-412c-8e4e-c7be9405208c\"",
"misp-galaxy:stix-2.1-attack-pattern=\"200007b9-4c5a-4604-8f10-46ec46853048\"",
"misp-galaxy:stix-2.1-attack-pattern=\"c566cd7d-819f-4e39-b93a-80c0e5bfcafc\"",
"misp-galaxy:stix-2.1-attack-pattern=\"f4702807-c428-41f7-8097-6f19070186e6\"",
"misp-galaxy:stix-2.1-attack-pattern=\"b73d96e3-ae7f-4095-83de-fa2523d887d7\"",
"misp-galaxy:stix-2.1-attack-pattern=\"0a35d2c4-896f-410f-a410-5a156d1aeb68\"",
"misp-galaxy:stix-2.1-attack-pattern=\"b0bd15d0-884d-4df2-ac3a-3256f3e18917\"",
"misp-galaxy:stix-2.1-attack-pattern=\"cf4144e8-d431-4618-a4cc-809ee0c82d0d\"",
"misp-galaxy:stix-2.1-attack-pattern=\"8a841dab-f386-454d-8112-6bab03a8b650\"",
"misp-galaxy:stix-2.1-attack-pattern=\"2f48791f-e918-422f-b154-8cf13b2c470d\"",
"misp-galaxy:stix-2.1-attack-pattern=\"c2685af8-747a-45d3-956a-819124642abf\"",
"misp-galaxy:stix-2.1-attack-pattern=\"24a836a9-ec21-420b-b459-23cdc1ce47b8\"",
"misp-galaxy:stix-2.1-attack-pattern=\"dfe708b2-695a-4243-950d-bec6b39c222e\"",
"misp-galaxy:stix-2.1-attack-pattern=\"1655f4f3-154f-4242-b716-1cd743998f42\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\"",
"tlp:clear"
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--29a23e64-3f04-4059-b5dc-3c107cfaa2ee",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '102.129.145.232']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d58c69ca-37bb-4365-9c39-06866104c51a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '191.96.106.40']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--af055e61-18a6-4f48-b8d2-70a618d8d963",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '184.170.241.27']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--69a47521-51ec-43b5-b017-2336e4095dd0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '154.6.93.24']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f7125e4d-5901-4030-b65b-60652e11b9ed",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '154.6.93.32']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a129705a-4f65-4be6-b642-9c6447e79f5b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '154.6.93.12']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--756adba7-c4fb-42e8-97e3-261b920a5a9c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '154.6.93.5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--38a421c9-f604-476d-8b68-f3e0495deedd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '154.6.93.22']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2c644d8f-00bd-4495-ae61-eea1f88178be",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '154.6.91.26']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549618d5-01ba-4827-a42e-5b76f458fb07",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.105.49.108']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e56bf5af-2fbf-4d76-b6ea-1680e37da537",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.85.241.15']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7b3994a9-fc1d-4f5c-b3fc-338bf868dd7d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.118.39.82']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--acf17c01-604f-4389-b045-cbf91f19872c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.142.226.153']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b0185157-6c58-45f2-bc6e-d20bba8c704e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[domain-name:value = 'xpack.disqus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-03-29T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--42e8bb8d-fd22-4e9e-8007-68cb2c414c76",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '207.246.105.240']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3d465228-0d62-45af-bc6d-d3937f0fe010",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.142.146.226']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a7384582-e1bb-4517-97d8-a155ce331e36",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.238.234.145']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--687da116-4e80-41c7-a9dc-651251cd4119",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '68.177.56.38']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fe5a6cfa-e45f-4d6d-bd1f-3181f13bf5c3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.62.118.160']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0f5b5908-314b-4e1d-a2ef-815431f2aeae",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '144.202.2.71']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--171a8786-25e7-4990-8481-2d544656eea5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '179.60.147.4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c877ade3-6962-446e-a18e-5afe577af079",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.90.123.194']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bc20b137-373e-40ba-90c0-988b89eaddc1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[domain-name:value = 'main.cloudfronts.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a2388459-6096-47ce-85f4-32d97326c0ce",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[domain-name:value = 'cloudfronts.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5bd757b4-c470-4ce4-9d37-c8766e6a289b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '47.90.240.218']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e9ff170a-f28d-4a0d-8e32-2beeaaf94360",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.77.121.232']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2019-07-15T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--900caf89-3409-4f27-8f95-92c188df2a93",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[file:hashes.MD5 = 'a33354d598b58f2e55eb3619c3465f24' AND file:hashes.SHA256 = '6dcc7b5e913154abac69687fcfb6a58ac66ec9b8cc7de7afd8832a9066b7bdde']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f4e8bd8c-7cbc-4630-8610-861e3d684d57",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[file:hashes.MD5 = '1a0e111e60e543810423ef073b545c77' AND file:hashes.SHA256 = '47dacb8f0b157355a4fd59ccbac1c59b8268fe84f3b8a462378b064333920622']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b2b8b925-8ec5-435f-b4e5-874a1e4dc598",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[file:hashes.MD5 = '76adb0e36aac40cae0ebeb9f4bd38b52' AND file:hashes.SHA256 = '79a9136eedbf8288ad7357ddaea3a3cd1a57b7c6f82adffd5a9540e1623bfb63']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2ecb5c9c-f6b7-4b49-affd-5de8c9c8862b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-09-06T15:14:46.000Z",
"modified": "2023-09-06T15:14:46.000Z",
"pattern": "[file:hashes.MD5 = 'b8967a33e6c1aee7682810b6b994b991' AND file:hashes.SHA256 = '334c2d0af191ed96b15095a4a098c400f2c0ce6b9c66d1800f6b74554d59ff4b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-01-01T00:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--a7c6ce3c-81e2-4e9a-a964-cea196615b3e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-10-10T18:08:46.000Z",
"modified": "2023-10-10T18:08:46.000Z",
"labels": [
"misp:name=\"original-imported-file\"",
"misp:meta-category=\"file\""
],
"x_misp_attributes": [
{
"type": "attachment",
"object_relation": "imported-sample",
"value": "AA23-250A Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475.stix_.json",
"category": "External analysis",
"uuid": "00f57868-167d-42ce-a3e1-1ea2e3d28da7",
"data": "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
},
{
"type": "text",
"object_relation": "format",
"value": "STIX 2.1",
"category": "Other",
"uuid": "6d5ba7da-c007-4d52-8e64-44bcd468a5fe"
}
],
"x_misp_meta_category": "file",
"x_misp_name": "original-imported-file"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}