2023-04-21 13:25:09 +00:00
{
2023-06-14 17:31:25 +00:00
"type" : "bundle" ,
"id" : "bundle--4b475a5f-ea47-4f2f-aea3-d8ba9bd1b6b6" ,
"objects" : [
{
"type" : "identity" ,
"spec_version" : "2.1" ,
"id" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:40:06.000Z" ,
"modified" : "2022-01-30T10:40:06.000Z" ,
"name" : "CIRCL" ,
"identity_class" : "organization"
} ,
{
"type" : "report" ,
"spec_version" : "2.1" ,
"id" : "report--4b475a5f-ea47-4f2f-aea3-d8ba9bd1b6b6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:40:06.000Z" ,
"modified" : "2022-01-30T10:40:06.000Z" ,
"name" : "OSINT - Cytrox Spyware Indicators of Compromise" ,
"published" : "2022-01-30T10:40:17Z" ,
"object_refs" : [
"indicator--81efca44-80f3-4af5-8fb7-2adac09bc441" ,
"indicator--2e2f04a2-f118-4173-9c8e-0239bf1a2275" ,
"indicator--e96995ba-21b6-421c-ab76-2f9033027ba6" ,
"indicator--46501d2a-e0d5-433a-97a1-5c7a51e253fd" ,
"indicator--5a285db2-47e1-460b-a29b-578eaef98360" ,
"indicator--6e3a2a11-8388-4df3-a8e7-0d0e3d738087" ,
"indicator--5446169c-6ecf-4170-84d5-693592ee3658" ,
"indicator--8107c1fb-fd2f-41a3-977b-8960a5d4c378" ,
"indicator--96a6b121-bac8-4cf1-8787-059df157d254" ,
"indicator--09963b62-44aa-4818-9d98-c558f0273a15" ,
"indicator--debc2347-209b-4537-ba70-7901c3dc7283" ,
"indicator--90a131af-f06b-463b-9e56-42d51a89deaa" ,
"indicator--7b706010-9ef4-45a5-a913-1e4162735294" ,
"indicator--255be985-8b0b-49a5-ad29-3d37fd0f3c63" ,
"indicator--2fa975f4-7a1a-47b2-aa2a-e3f703b09ab2" ,
"indicator--b61d5c8c-8964-4e34-adb9-36e8245576cb" ,
"indicator--49021dea-5371-4d79-b093-4948ba0c3ff1" ,
"indicator--13f42f7b-c0d5-4281-8d83-561ec441c930" ,
"indicator--24243169-8697-48a1-bb99-17bb1e37d4dd" ,
"indicator--94220acf-d481-4f83-9aa0-3b6bb7c0177d" ,
"indicator--dadba41c-dc50-42a3-ad92-b3ad524c2fa8" ,
"indicator--5c4c8469-56e2-46c6-8ed7-13f54f662102" ,
"indicator--1e534a66-1732-40d8-bff7-6e760a9a2b85" ,
"indicator--1a2d9b3a-810e-4de0-8453-906287ff2997" ,
"indicator--993af816-13f6-4177-8df8-11a949b868d8" ,
"indicator--087f187b-3a41-4169-86aa-b1f76271dbec" ,
"indicator--27d902d4-87d1-45c5-ae92-4db9d491ce22" ,
"indicator--a9c4eaf8-9ea8-4c5a-af40-adcce69b9359" ,
"indicator--d74372f1-bc95-426a-82f7-beb97d269dea" ,
"indicator--901470be-ea4b-4080-99b8-6ffec8f5a5a6" ,
"indicator--d6696519-191e-4396-bc80-4095a4fca6b0" ,
"indicator--09d36209-d326-4235-b3bf-40443c98c511" ,
"indicator--34ed38e3-7c6d-4c57-a839-620c1669b09c" ,
"indicator--8aebd50d-ef2a-4402-a221-f50bef8e3480" ,
"indicator--efa49e47-f6f0-45df-9d4d-af12c97249de" ,
"indicator--003a463c-b29b-4364-81e4-74cde40801ae" ,
"indicator--9b18b86d-745f-42f8-a7a2-c267c3797041" ,
"indicator--485be54c-5794-4446-a0a3-67bfa4e50942" ,
"indicator--28127113-c787-407c-adcc-c1a1cbd03f3c" ,
"indicator--ebe02e6b-db9e-4bf0-a643-713bbd162773" ,
"indicator--f601391e-ebec-409d-a7ba-7abe6706692a" ,
"indicator--ac07bced-2620-4c9a-9825-d33c71129563" ,
"indicator--4cf86a85-fd40-4310-bcb4-766f86104fe3" ,
"indicator--7e6e9143-9521-4368-b75f-946791fa8c88" ,
"indicator--4ca0f5bd-f5b0-4358-95fd-6ac37ed422fe" ,
"indicator--bd289319-bfd2-4457-8da3-7c86e4eb5432" ,
"indicator--f0242937-a663-49d9-91a6-d9bef37d184e" ,
"indicator--70f73d47-44ff-495c-bb7c-f674701d149c" ,
"indicator--066398c3-48ee-49b7-ad63-963b5ee1026b" ,
"indicator--cf85f4b1-cef7-499b-b1b4-82dc31b54a9d" ,
"indicator--3a86a1be-a0a7-4b5b-b1ad-1d77b971dcff" ,
"indicator--d14c16d2-076f-4f02-8936-18626086f961" ,
"indicator--dad4879f-778b-4349-8d6b-13ff83e39150" ,
"indicator--4ccdcdef-e94d-4f7c-98c4-067061db73f1" ,
"indicator--5ae720ed-4497-4a02-a5b7-d2f0ec505129" ,
"indicator--8d7c8719-1658-42a1-aeb2-94951be93893" ,
"indicator--bb1174df-0262-42b5-8993-dfbca988fe2a" ,
"indicator--95277b90-4b66-4b18-8523-ec395c7207fe" ,
"indicator--948b8dea-36f0-4709-8fa6-8073a3aebb3a" ,
"indicator--a059e603-2cc4-4d03-b537-24f7e9a2eacb" ,
"indicator--8c4831ff-88e5-4bfd-8b9f-40c734af3144" ,
"indicator--ddcb07c2-00c8-4762-9cc2-6177b57a47c8" ,
"indicator--9010dfd7-e4e8-4e00-9266-c7b594ee3098" ,
"indicator--3edfc428-bee7-404e-a38a-03ffca7d8825" ,
"indicator--cac2c444-a625-4574-b924-d3ebefc923d3" ,
"indicator--20a63ad7-9927-4644-9ebe-14e43d3598dc" ,
"indicator--744a4091-f302-4928-a3d9-e8babddd9529" ,
"indicator--2da02320-e77b-4bfb-929f-9b322f284249" ,
"indicator--1a411d21-2364-4298-ad20-a7212732dff6" ,
"indicator--f04f6fb9-2e63-4b50-911d-ce521e7af9c0" ,
"indicator--ff5a4722-b6d8-4019-9af0-3a6c591dfd3e" ,
"indicator--9b58b24d-4f1a-4079-a036-ff11ef863252" ,
"indicator--ce6e0ba9-89ba-4806-9869-0cc8aaa590ea" ,
"indicator--21f6f6a8-cf16-4a91-b142-2a5a3bf40904" ,
"indicator--49bc9b6b-c1a3-4ad0-9a7d-a9eb2cf4c5bc" ,
"indicator--8b89b16a-6e38-4b7a-99a1-a8f5792db563" ,
"indicator--bbc93630-e44f-4a0d-ae60-922ffe9e0b93" ,
"indicator--c70788c3-eca7-40d4-b662-cbab7a49a6b1" ,
"indicator--6000ef97-f5da-40de-a188-024799603502" ,
"indicator--104689c1-9d29-4577-9d9e-9fb6f14da5e8" ,
"indicator--e045fa9f-fc3a-4123-9cd4-3448061b97d3" ,
"indicator--fe6b466f-62fa-48ac-ab2c-a92be207a833" ,
"indicator--b67703a6-5f6b-4d73-a27f-199821f73ed6" ,
"indicator--bf5d25ea-75de-472a-8310-15f5e0b4932e" ,
"indicator--2f367350-f35f-4ec8-adf0-d475a6eb7302" ,
"indicator--81cae761-b61d-499c-ad2b-ae98c67f5bc3" ,
"indicator--e1a8674a-8801-4373-b2bd-d5b591c02d9f" ,
"indicator--23a09185-6628-4af7-a388-ce657638553a" ,
"indicator--f7dd2207-35c2-47ae-89b5-2a8bd2c042cc" ,
"indicator--dc8879b3-2fdd-45d8-88e7-b8482788a5b2" ,
"indicator--db0c7980-ec7f-48d4-8f52-79b773832083" ,
"indicator--8cbe0466-9c7b-49fb-989c-d2b3f4855a96" ,
"indicator--a1e0afc3-3cfa-4b2e-8dda-95c717b0da9d" ,
"indicator--f0cadc91-b2be-4df1-8a68-581d21b6dcff" ,
"indicator--61f0ef41-183d-49d5-ae07-a2694af55919" ,
"indicator--30da6c62-4d17-4aae-b16a-3f675297d52c" ,
"indicator--99309856-9569-45e7-9d5d-4910c12af72f" ,
"indicator--90c4c296-a888-458a-a651-2d3aea700a45" ,
"indicator--09ec9968-d4d5-4d8e-a833-e63b7151db86" ,
"indicator--935bcab5-38e0-41ac-911d-2b9501398643" ,
"indicator--748caba0-792e-4d50-98aa-bb9973de74bc" ,
"indicator--1c00ba31-22af-4a47-81d3-133ee183085b" ,
"indicator--2506b0da-f468-4cdc-a82e-a9dab7ffb204" ,
"indicator--0b3993ca-f7cc-450a-ba56-9472951c2ef7" ,
"indicator--549abe91-8cb0-4b7a-ba5f-0046df003803" ,
"indicator--73a0329a-7b63-400a-97cd-e26dfa12929c" ,
"indicator--0871e302-e849-4c77-a2d3-53c67dcf2719" ,
"indicator--2e33ab1d-f4ec-42bb-9991-e6fdd621ca82" ,
"indicator--2f29f944-733c-4b93-bbe7-9e98b72bb187" ,
"indicator--a91b2b7d-e0ad-427e-b79b-ca420a12a048" ,
"indicator--2d9765d7-e61d-487d-825d-a41699a9741f" ,
"indicator--e229cdc0-aa20-46d1-afc3-8d6178a4fe37" ,
"indicator--1152787e-ed89-4860-bd4c-eac820d3fd57" ,
"indicator--eaa84fae-1045-4efc-9f34-645782acd116" ,
"indicator--ee4de759-0ad6-48fe-a698-71987e9a2086" ,
"indicator--1feca209-54ad-4250-980b-c1213595059f" ,
"indicator--ca625364-45a8-4fb4-a919-365004a9d24a" ,
"indicator--db2ba484-cfdc-4c5b-991f-14906020b97b" ,
"indicator--a8ed5319-8b87-46f3-bce3-a228b2ba3d81" ,
"indicator--f811b4e9-128a-4ce4-b211-05bf34896abf" ,
"indicator--3e1d9744-4318-453d-983b-db773ed4e003" ,
"indicator--e9e59dde-a35f-4170-87e6-030ee72d6845" ,
"indicator--1337cc14-1b9c-4d37-a25d-bd736508041d" ,
"indicator--7ea3ac59-ee17-4530-8b81-c53d66fdccb3" ,
"indicator--99433f06-e227-474d-9045-8e8af7be1f52" ,
"indicator--437fa889-e76f-44ac-9b17-83ef6d8f11e2" ,
"indicator--4777a5d1-e638-42b0-95a3-7f88d99be990" ,
"indicator--ded354aa-0ced-4165-9154-b1b1848e5d58" ,
"indicator--3d73627d-b4ca-484e-9983-936fe2509ddf" ,
"indicator--01b6f708-1a03-45d3-8b1d-4cae8036359f" ,
"indicator--07450a98-9bc3-4fb6-adbf-cf710bac5846" ,
"indicator--ac57b5b8-68d4-4e43-bf71-3c345b6c8547" ,
"indicator--3d385ce8-bc5c-4a52-9ab3-958b67fadb33" ,
"indicator--1de007be-18ec-4987-b71b-785a9ff63254" ,
"indicator--73e43a97-2e2f-4a7f-87da-b379c17f13fa" ,
"indicator--dbb91060-cfc7-47d7-96de-c88e70c62a2b" ,
"indicator--13a740d1-d5e2-414e-9673-837d5fa433de" ,
"indicator--75861ba5-a4ac-4daf-8987-9303658ec41c" ,
"indicator--4d48f243-9a16-4a88-a79e-13d53445c9d2" ,
"indicator--b516d270-21e1-4f29-a1a0-764911e8c8cf" ,
"indicator--deb22c9f-cb56-4197-9424-e08f9ba1ae32" ,
"indicator--10da3fbb-8412-4577-b26a-8858ab9f7b71" ,
"indicator--a09f38b9-2f25-4837-b3b4-cf9dbc34ea77" ,
"indicator--e10f7108-0b61-4122-ad2a-ac5fcc097f72" ,
"indicator--d653dd3b-50e0-4168-855b-14ac89a31695" ,
"indicator--e663cf20-129e-428c-b3e3-ddaa86176059" ,
"indicator--0a3f5bbd-8180-43cf-9c39-8413e2188fb5" ,
"indicator--dac7d9c5-1724-48a9-91e0-63e8fdd9e994" ,
"indicator--fa8b1e27-b650-48f6-9eed-df46fb4acf6f" ,
"indicator--febf276c-3a9e-4fd6-ab4d-04bc5822af78" ,
"indicator--77a5a2fe-80a1-4030-a1ba-a6df896bd41a" ,
"indicator--77641e2c-87d6-4462-a3ec-79ef3f39e0bc" ,
"indicator--038ea7ab-9500-4e0e-97d1-857234a7d2ec" ,
"indicator--f27e61ab-f594-4c80-aeec-cdc975e507ca" ,
"indicator--2fe5b0a1-ac80-42c6-9e35-dd86c9198897" ,
"indicator--171a043d-c5bb-4483-83ee-12976193d80d" ,
"indicator--1eaaf3b8-9112-4b90-9215-68e0e71126e6" ,
"indicator--2f0d8b48-2ccf-4b12-bb10-1efc7e309911" ,
"indicator--eb45c367-fea6-40b7-9ab3-8d4f2eb8dfe3" ,
"indicator--f6f1db9a-4053-4e23-96eb-6eea6fe592b7" ,
"indicator--ecd35815-a4a2-4c62-82b8-647c68533168" ,
"indicator--8af2791b-1ea1-4a82-b8c9-4d8d50f8cd17" ,
"indicator--cf6b3708-8f55-42a6-a613-4b9a7f8b4e59" ,
"indicator--980ad684-f736-417b-a656-c06228756e6f" ,
"indicator--97ba1829-a091-44c1-9455-61c31d07a4e3" ,
"indicator--1db30066-a2ef-4ac0-8b1d-df030f595d9d" ,
"indicator--18345894-209f-4f7d-beb3-708bfe43a1c2" ,
"indicator--257362fd-2770-4707-8599-fa65f8ad7d0a" ,
"indicator--daf7ca58-8b52-4f62-9c5f-035e8bf0529a" ,
"indicator--b602a4e2-5ca8-4e85-ad09-57855044607f" ,
"indicator--7b5c8565-cfb5-43d7-97d2-180a2589d413" ,
"indicator--4a7422c4-4688-4d64-839b-ddf90c946a1b" ,
"indicator--4de4af8f-3ece-42bc-b40a-becd9523374a" ,
"indicator--c1bcd463-8ba8-4602-983e-b07c8c50849a" ,
"indicator--5a45ac49-4b17-4cbb-a960-bc2af1a7dba7" ,
"indicator--b7a889c1-d2ae-480a-afab-590fa8a2a5ee" ,
"indicator--89dc5738-d457-4823-a60a-94f21f72673f" ,
"indicator--6f8bcbd9-b94f-4f82-915a-b0d39c7ee3c4" ,
"indicator--1df46c75-7921-4308-9d75-e91430724ca2" ,
"indicator--4fdeb5cc-a7de-4fe6-bdf3-0b9af4b880fb" ,
"indicator--b8ccb07d-2109-4d0b-83e0-7ef9ac907d0f" ,
"indicator--b3ca055c-e81c-4844-8c70-85ef9b1cf463" ,
"indicator--40bbaea3-00ff-468f-8add-d902e3b5c1b0" ,
"indicator--9a9c8608-9838-4dfb-854e-96975cf8b939" ,
"indicator--3dcfbcca-074f-4981-a2df-ba5c828d984a" ,
"indicator--baf8af4c-4a16-49fe-a2ca-39dd4d217986" ,
"indicator--dfdc12cd-78c0-436f-9d9f-13d15b24e616" ,
"indicator--8e9283c5-2053-470f-ac0e-1f1867e9e11a" ,
"indicator--973187cb-f794-480c-ab45-7870236cf63f" ,
"indicator--5d0c0e15-a56d-4fb9-b6d4-c8b74feed731" ,
"indicator--259a7697-5957-4302-b237-7bcfafea0d94" ,
"indicator--21d1bbcf-6b29-45bb-8984-2838acbcada9" ,
"indicator--0fa4f763-1376-4214-ba31-b6e98819f416" ,
"indicator--121c8d12-90ce-4578-b89a-856fa1df547a" ,
"indicator--388aaffe-3152-4fab-8428-36f2110c1888" ,
"indicator--6863db87-c31f-4040-9d6b-4410dbb725f4" ,
"indicator--d89f16cc-cb4d-4991-b224-f23214917175" ,
"indicator--c8fba428-3a34-4565-937b-f2494adbaf91" ,
"indicator--d3d207be-fa7f-4748-8082-fe32084d1b19" ,
"indicator--ecd8eaf2-dc91-43c4-825e-b6e5853d56e5" ,
"indicator--f3b34772-179d-4bcc-87d7-b2c70900b955" ,
"indicator--8fee3f0d-dcca-47fc-9097-40dbfc848c0b" ,
"indicator--5315e7f4-aa10-4641-bbbe-6b1c7eb241df" ,
"indicator--95d39b25-592e-464d-9212-b564af06a4e5" ,
"indicator--81fa911d-c5af-42fb-b61b-288021e0cf3a" ,
"indicator--2668dfce-54f5-4fbc-b99b-faa0a21ef1ae" ,
"indicator--7e71dd5c-82b5-40b4-855e-6a80cb4acb1d" ,
"indicator--2f7a915c-a00f-4bb2-b862-66be4a250c9e" ,
"indicator--e32d5970-af9b-4017-94e0-05fa64820cd4" ,
"indicator--de46ff06-912f-45fa-8e86-2229efe4cbd1" ,
"indicator--e6c9173b-44d1-484a-bf42-90b7aa74d1f2" ,
"indicator--70ef642d-57a1-41ea-b941-da4b5801c760" ,
"indicator--a5ad04a7-dfd3-4c85-9387-ee322da7a24a" ,
"indicator--eda5157b-dcc3-4609-8002-f50710c04434" ,
"indicator--c77d5da9-2488-4b78-a396-56893089b69f" ,
"indicator--78c52144-60f1-4c7e-8986-0a0e9a2ae3d2" ,
"indicator--44e854d4-267a-4c1f-8b4d-dde49985030c" ,
"indicator--d200af18-edbf-4f8b-87c3-52045227e189" ,
"indicator--d5fff34d-eb00-4b37-8273-3b51fbb87995" ,
"indicator--b82a6099-2c5b-4562-a1f8-c385f5cead46" ,
"indicator--4dfced26-0d23-4c22-ae8d-c1de4519582b" ,
"indicator--73be604e-31d3-4b41-bcf5-e63690b35055" ,
"indicator--9dc12793-cb24-4761-bcbf-471ec47f585c" ,
"indicator--a76a122d-3156-46e2-815d-69b39734bd5d" ,
"indicator--90c431f9-fcc2-45e8-ab7d-56a3c271b066" ,
"indicator--40abb731-15d2-467a-a435-8ce7de39cc0e" ,
"indicator--dc850998-3aa8-4103-bee6-b70f4ea53628" ,
"indicator--fb1eeecb-61fa-4d8f-89d2-60ef8e8136ad" ,
"indicator--c45e6ed2-2368-428f-a212-abce61b09865" ,
"indicator--d16d3fe3-c515-4420-9fb0-d21f0b60565c" ,
"indicator--daa7def9-a735-4e8a-b3e6-18d9e78f37b5" ,
"indicator--482b6622-30bc-4b62-bffe-c7dd3f336d29" ,
"indicator--097992c8-e640-40c2-9031-35f0976531ac" ,
"indicator--f83be75e-53ff-4b62-8d9f-493651c10c35" ,
"indicator--de9abd2f-8c29-4e73-8b6b-934ab2f5514e" ,
"indicator--72b9c18f-2b54-4aea-8540-33c76119814e" ,
"indicator--e365f17f-3ddd-4b26-b73e-402268373aed" ,
"indicator--257a5633-f116-4d9b-8775-2bdb83d3f5f0" ,
"indicator--e8f7c662-b7f6-4257-ae60-79629bb5a91f" ,
"indicator--bcbd25ee-8c06-4713-8d23-f31c98004b3a" ,
"indicator--f35a869f-52e4-49c0-a354-118acb9ccffb" ,
"indicator--fbf5f170-11e6-40b7-9ae0-65a00ec39314" ,
"indicator--8f2aa532-d874-42f5-b2b6-9f64bd4bcc90" ,
"indicator--e68bf835-515a-44bc-ada6-0ba42c331949" ,
"indicator--7664644e-31ad-4f60-9739-34237f6d81df" ,
"indicator--6ca386b8-0289-488b-81b8-056e5851ce81" ,
"indicator--a2c247a1-6df2-49dd-bb61-68a4f244ddda" ,
"indicator--43387a03-7765-47aa-b5ed-d7c6bfb0f3b9" ,
"indicator--2ff9e891-845e-4db2-a960-14fdf7b5abbe" ,
"indicator--9da56dc0-555b-43c6-849e-d395e513239a" ,
"indicator--c30fbf27-e36b-4dc7-ad5b-274dbe216442" ,
"indicator--23eb7677-9c5b-40f3-8db8-0db9d00bfca0" ,
"indicator--0de655ae-07ff-4809-84cc-3cfea8da58ef" ,
"indicator--093937c1-4034-4617-a9dc-e55dcb15a4f6" ,
"indicator--b77dffc5-435e-4aab-8246-3e0073599068" ,
"indicator--1be173ac-b016-4979-bfc6-32c1ea7019ce" ,
"indicator--2af63a3a-315c-498d-bb85-dcdecb26bc52" ,
"indicator--eece0b35-ae03-416b-b183-2bf5a4b0641c" ,
"indicator--947939ec-59ee-496e-ac18-9cbb5657563f" ,
"indicator--f398103d-3f84-4c35-9223-71ecbc90f867" ,
"indicator--6993238b-037a-4768-a706-db895d6cff06" ,
"indicator--1fa4b4d3-8601-499d-8fae-e21f7d0c398e" ,
"indicator--a0b446c7-0ce0-43b7-90b0-a3d277e7b1a9" ,
"indicator--c271cc6a-04c3-4004-a17f-9d28e742d360" ,
"indicator--3c6feb64-187d-4a26-acc0-9b2c877ef5e0" ,
"indicator--25b51862-e0ee-4eba-b346-2abae972932b" ,
"indicator--1c6bb5e8-1a88-440d-b50d-2958b2961d96" ,
"indicator--a644a71a-7a07-4a23-92fa-648f30d8b225" ,
"indicator--32a10c7f-3c82-4c8b-8766-3e44d6ac7870" ,
"indicator--6997e2e3-b181-48d0-9da5-bf629b5de9b4" ,
"indicator--bf0e8173-9770-4307-8329-f41719027704" ,
"indicator--59547364-db43-4c9a-afc6-b7e39e9be2fd" ,
"indicator--5ccba526-fa0d-404f-8aba-19914f1edf9e" ,
"indicator--a6f786e9-8a29-49a3-850b-642f0d4563a9" ,
"indicator--408a82c7-6834-4ca8-9a8e-2ebcb1b15308" ,
"indicator--abd16fd0-19e2-4b9b-b14c-8d3081057dd7" ,
"indicator--e0af7147-9b8b-43e4-bfb7-a42f2fce452c" ,
"indicator--7cf9ff37-8293-4987-89da-b4eb81bb5c4d" ,
"indicator--19673405-e01f-4696-8069-ee6ee69bdc05" ,
"indicator--f6b9694d-6190-486e-8eae-63e5556c8c3d" ,
"indicator--ca3b431d-8853-4867-9eab-827685c24b77" ,
"indicator--c36623b5-b5a9-4983-8159-bda79298a059" ,
"indicator--9c46cf47-d808-4076-8850-0cc8a1b381be" ,
"indicator--446b7036-23d2-4d3e-af71-a5305024f691" ,
"indicator--061792c8-d321-4605-8ea0-39b3204a6c90" ,
"indicator--7fd8ff56-990a-419a-a260-8ac6f49676ec" ,
"indicator--a9b7cebc-98bc-419d-836d-ee33ef2cfc1f" ,
"indicator--1a288c93-01a0-4fa7-a15a-2fe3f77d32ff" ,
"indicator--63f4adae-01b0-459c-a5c1-cbb6de37179c" ,
"indicator--52982af2-5d85-4c84-a05d-b9d86a7c13f2" ,
"indicator--42e67512-d527-469d-8d9e-37f89162404a" ,
"indicator--57cc5253-a9ca-4d2a-b701-0a95f3974ad0" ,
"indicator--d613d620-f216-452c-8d3d-6fd321704f36" ,
"indicator--a5f4b662-a4ec-45c2-8929-0bb3791077ca" ,
"indicator--517e7065-9b0e-415b-8fbc-e3e0e80c132b" ,
"indicator--3d60bde8-5506-45d8-866c-8262c499ed43" ,
"indicator--523a26a1-c08c-4b6b-a47b-71255fd3ef91" ,
"indicator--d4651539-5d99-466b-b0d8-a186b6c86017" ,
"indicator--ef26bd65-1e7c-4ba5-881b-70fb93d10722" ,
"indicator--96749e37-6f8c-44e1-9096-e43595ea733e" ,
"indicator--2b41641d-7d9d-4a50-b655-7c589dffb607" ,
"indicator--d1602855-1ee1-4ae4-8729-f1abb18f6802" ,
"indicator--01abdc3a-1ec8-467e-a813-5d3ffcb99d21" ,
"indicator--212bea34-adb6-4534-b911-e79c0b3b66e7" ,
"indicator--5de6ace5-5cd8-4411-ae30-68e6e823fa71" ,
"indicator--e2a87abf-b466-4ca0-a52c-6515a84c5b8d" ,
"indicator--be337a4c-ff98-41f3-8f36-7a134803813e" ,
"indicator--bd70bd72-7db3-44a0-9863-eb2202552c02" ,
"indicator--ac9bc3a3-5ab9-4351-a17e-b91a243eaf5b" ,
"indicator--38afc77b-fd77-4109-ba61-b3870c2b56c5" ,
"indicator--b5bc59d0-2bc0-453e-a5c3-9a30b7e393a3" ,
"indicator--16eb733c-d4f1-4c16-b30f-cd3f2bc527a6" ,
"indicator--930907c5-f6e1-4ee9-9835-932a5d90a059" ,
"indicator--e51e8d5c-2512-44e4-89f8-0bf316a88a54" ,
"indicator--10f5c0be-70be-4d07-b006-31251e4bb69c" ,
"indicator--af08b906-d57a-439e-a289-a8abf9fa7ec8" ,
"indicator--85a840e6-cdb0-4d3c-bf69-605a19c15f19" ,
"indicator--fcadfe21-9397-44cf-8ab5-05333d7e4cb1" ,
"indicator--20c71cd0-bf51-4619-a3b5-d595079fbe3b" ,
"indicator--2e5a81d5-ccaf-458a-bb44-14aeb2646ca5" ,
"indicator--e476e602-3f9a-4d4e-9170-20d055a6cde8" ,
"indicator--a57eba23-64f8-4272-a0cf-e2f56a957d0f" ,
"indicator--f267c753-54ee-4e39-9b34-8420fd4a8a10" ,
"indicator--90d70bef-8ba5-4746-85d1-3c97f922c2a1" ,
"indicator--a5f27704-92a7-4a29-95ab-ec87dd629508" ,
"indicator--7ba97760-750d-4820-997e-3117785d9257" ,
"indicator--98189417-0dae-48b9-bff6-949af6e01b28" ,
"indicator--cb20da93-7103-4c07-b1c6-ff738c1ecb76" ,
"indicator--ed3e1a53-9e7c-4fd6-8d6e-27029f8bee1f" ,
"indicator--08efc3c1-86a3-4276-a1ef-f3a2c5db7469" ,
"x-misp-object--b9e6b927-ce2d-4094-80de-9507c3700c38" ,
"x-misp-object--aa74ba61-2d36-42a4-88e9-b238dc2a8b92"
] ,
"labels" : [
"Threat-Report" ,
"misp:tool=\"MISP-STIX-Converter\"" ,
"type:OSINT" ,
"osint:lifetime=\"perpetual\"" ,
"osint:certainty=\"50\"" ,
"misp-galaxy:surveillance-vendor=\"Cytrox\""
] ,
"object_marking_refs" : [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--81efca44-80f3-4af5-8fb7-2adac09bc441" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'koenigseggg.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2e2f04a2-f118-4173-9c8e-0239bf1a2275" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'bitlly.live']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e96995ba-21b6-421c-ab76-2f9033027ba6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'newslive2.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--46501d2a-e0d5-433a-97a1-5c7a51e253fd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'uberegypt.cn.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a285db2-47e1-460b-a29b-578eaef98360" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'yuom7.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6e3a2a11-8388-4df3-a8e7-0d0e3d738087" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'connectivitycheck.online']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5446169c-6ecf-4170-84d5-693592ee3658" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'webaffise.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8107c1fb-fd2f-41a3-977b-8960a5d4c378" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'ffoxnewz.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--96a6b121-bac8-4cf1-8787-059df157d254" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'miniiosapps.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--09963b62-44aa-4818-9d98-c558f0273a15" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'audit-pvv.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--debc2347-209b-4537-ba70-7901c3dc7283" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'orangegypt.co']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--90a131af-f06b-463b-9e56-42d51a89deaa" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'youarefired.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7b706010-9ef4-45a5-a913-1e4162735294" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'aramexegypt.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--255be985-8b0b-49a5-ad29-3d37fd0f3c63" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'mozillaupdate.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2fa975f4-7a1a-47b2-aa2a-e3f703b09ab2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'safelyredirecting.digital']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b61d5c8c-8964-4e34-adb9-36e8245576cb" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'mycoffeeshop.shop']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--49021dea-5371-4d79-b093-4948ba0c3ff1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'bookjob.club']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--13f42f7b-c0d5-4281-8d83-561ec441c930" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'youtubewatch.co']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--24243169-8697-48a1-bb99-17bb1e37d4dd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'download4you.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--94220acf-d481-4f83-9aa0-3b6bb7c0177d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'cyber.country']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--dadba41c-dc50-42a3-ad92-b3ad524c2fa8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'itcgr.live']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5c4c8469-56e2-46c6-8ed7-13f54f662102" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'getsignalapps.live']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1e534a66-1732-40d8-bff7-6e760a9a2b85" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'clockupdate.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1a2d9b3a-810e-4de0-8453-906287ff2997" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'updateservice.center']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--993af816-13f6-4177-8df8-11a949b868d8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'crashonline.site']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--087f187b-3a41-4169-86aa-b1f76271dbec" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'speedymax.shop']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--27d902d4-87d1-45c5-ae92-4db9d491ce22" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'safelyredirecting.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a9c4eaf8-9ea8-4c5a-af40-adcce69b9359" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'lylink.online']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d74372f1-bc95-426a-82f7-beb97d269dea" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'ferrari.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--901470be-ea4b-4080-99b8-6ffec8f5a5a6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'telecomegy-ads.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d6696519-191e-4396-bc80-4095a4fca6b0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'tw.itter.me']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--09d36209-d326-4235-b3bf-40443c98c511" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'instagam.click']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--34ed38e3-7c6d-4c57-a839-620c1669b09c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:48.000Z" ,
"modified" : "2022-01-30T10:22:48.000Z" ,
"pattern" : "[domain-name:value = 'distedc.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:48Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8aebd50d-ef2a-4402-a221-f50bef8e3480" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'alraeesnews.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--efa49e47-f6f0-45df-9d4d-af12c97249de" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'bitlinkin.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--003a463c-b29b-4364-81e4-74cde40801ae" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'ewish.cards']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9b18b86d-745f-42f8-a7a2-c267c3797041" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'sniper.pet']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--485be54c-5794-4446-a0a3-67bfa4e50942" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'wtc1111.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--28127113-c787-407c-adcc-c1a1cbd03f3c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'newsbeast.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ebe02e6b-db9e-4bf0-a643-713bbd162773" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'in-politics.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f601391e-ebec-409d-a7ba-7abe6706692a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'wtc2222.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ac07bced-2620-4c9a-9825-d33c71129563" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'icloudflair.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4cf86a85-fd40-4310-bcb4-766f86104fe3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'omanreal.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7e6e9143-9521-4368-b75f-946791fa8c88" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'lexpress.me']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4ca0f5bd-f5b0-4358-95fd-6ac37ed422fe" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'chatwithme.store']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--bd289319-bfd2-4457-8da3-7c86e4eb5432" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'link-m.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f0242937-a663-49d9-91a6-d9bef37d184e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'efsyn.online']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--70f73d47-44ff-495c-bb7c-f674701d149c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'mitube1.link']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--066398c3-48ee-49b7-ad63-963b5ee1026b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'updete.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cf85f4b1-cef7-499b-b1b4-82dc31b54a9d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'weathersite.online']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3a86a1be-a0a7-4b5b-b1ad-1d77b971dcff" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'llinkedin.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d14c16d2-076f-4f02-8936-18626086f961" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'api-telecommunication.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--dad4879f-778b-4349-8d6b-13ff83e39150" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = '2y4nothing.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4ccdcdef-e94d-4f7c-98c4-067061db73f1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'updates4you.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5ae720ed-4497-4a02-a5b7-d2f0ec505129" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'fastuploads.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8d7c8719-1658-42a1-aeb2-94951be93893" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'kormoran.bid']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--bb1174df-0262-42b5-8993-dfbca988fe2a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'jquery-updater.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--95277b90-4b66-4b18-8523-ec395c7207fe" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'synctimestamp.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--948b8dea-36f0-4709-8fa6-8073a3aebb3a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'bmw.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a059e603-2cc4-4d03-b537-24f7e9a2eacb" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'insider.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8c4831ff-88e5-4bfd-8b9f-40c734af3144" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'smsuns.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ddcb07c2-00c8-4762-9cc2-6177b57a47c8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'uservicescheck.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9010dfd7-e4e8-4e00-9266-c7b594ee3098" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'connectivitycheck.live']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3edfc428-bee7-404e-a38a-03ffca7d8825" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'newzeto.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cac2c444-a625-4574-b924-d3ebefc923d3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'hellasjournal.website']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--20a63ad7-9927-4644-9ebe-14e43d3598dc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'danas.bid']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--744a4091-f302-4928-a3d9-e8babddd9529" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'enikos.news']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2da02320-e77b-4bfb-929f-9b322f284249" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'nabd.site']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1a411d21-2364-4298-ad20-a7212732dff6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'quickupdates.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f04f6fb9-2e63-4b50-911d-ce521e7af9c0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'trecv.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ff5a4722-b6d8-4019-9af0-3a6c591dfd3e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'we-site.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9b58b24d-4f1a-4079-a036-ff11ef863252" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'getsignalapps.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ce6e0ba9-89ba-4806-9869-0cc8aaa590ea" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'bi.tly.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--21f6f6a8-cf16-4a91-b142-2a5a3bf40904" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'kinder.engine.ninja']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--49bc9b6b-c1a3-4ad0-9a7d-a9eb2cf4c5bc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'nemshi-news.live']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8b89b16a-6e38-4b7a-99a1-a8f5792db563" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'yo.utube.to']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--bbc93630-e44f-4a0d-ae60-922ffe9e0b93" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'instagam.in']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c70788c3-eca7-40d4-b662-cbab7a49a6b1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'svetovid.bid']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6000ef97-f5da-40de-a188-024799603502" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'vodafoneegypt.tech']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--104689c1-9d29-4577-9d9e-9fb6f14da5e8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'cellconn.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e045fa9f-fc3a-4123-9cd4-3448061b97d3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'solargroup.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--fe6b466f-62fa-48ac-ab2c-a92be207a833" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'youtubesyncapi.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b67703a6-5f6b-4d73-a27f-199821f73ed6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'ancienthistory.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--bf5d25ea-75de-472a-8310-15f5e0b4932e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'goldenscint.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2f367350-f35f-4ec8-adf0-d475a6eb7302" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'speedygonzales.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--81cae761-b61d-499c-ad2b-ae98c67f5bc3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'liponals.store']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e1a8674a-8801-4373-b2bd-d5b591c02d9f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'altsantiri.news']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--23a09185-6628-4af7-a388-ce657638553a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'viva.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f7dd2207-35c2-47ae-89b5-2a8bd2c042cc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'sinai-new.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--dc8879b3-2fdd-45d8-88e7-b8482788a5b2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'eagerfox.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--db0c7980-ec7f-48d4-8f52-79b773832083" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'weathear.live']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8cbe0466-9c7b-49fb-989c-d2b3f4855a96" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'adibjan.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a1e0afc3-3cfa-4b2e-8dda-95c717b0da9d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'alpineai.uk']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f0cadc91-b2be-4df1-8a68-581d21b6dcff" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'livingwithbadkidny.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--61f0ef41-183d-49d5-ae07-a2694af55919" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'espressonews.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--30da6c62-4d17-4aae-b16a-3f675297d52c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'olexegy.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--99309856-9569-45e7-9d5d-4910c12af72f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'blacktrail.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--90c4c296-a888-458a-a651-2d3aea700a45" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'yout.ube.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--09ec9968-d4d5-4d8e-a833-e63b7151db86" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'leanwithme.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--935bcab5-38e0-41ac-911d-2b9501398643" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'apps-ios.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--748caba0-792e-4d50-98aa-bb9973de74bc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'bi.tly.link']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1c00ba31-22af-4a47-81d3-133ee183085b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'fbc8213450838f7ae251d4519c195138.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2506b0da-f468-4cdc-a82e-a9dab7ffb204" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'fisherman.engine.ninja']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0b3993ca-f7cc-450a-ba56-9472951c2ef7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'politique-koaci.info']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--549abe91-8cb0-4b7a-ba5f-0046df003803" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'adultpcz.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--73a0329a-7b63-400a-97cd-e26dfa12929c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'youtube.gr.live']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0871e302-e849-4c77-a2d3-53c67dcf2719" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'yallakora-egy.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2e33ab1d-f4ec-42bb-9991-e6fdd621ca82" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'android-apps.tech']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2f29f944-733c-4b93-bbe7-9e98b72bb187" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'instagam.photos']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a91b2b7d-e0ad-427e-b79b-ca420a12a048" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'flexipagez.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2d9765d7-e61d-487d-825d-a41699a9741f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'ereportaz.news']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e229cdc0-aa20-46d1-afc3-8d6178a4fe37" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'kohaicorp.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1152787e-ed89-4860-bd4c-eac820d3fd57" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'md-news-direct.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--eaa84fae-1045-4efc-9f34-645782acd116" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'worldnws.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ee4de759-0ad6-48fe-a698-71987e9a2086" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'landingpge.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1feca209-54ad-4250-980b-c1213595059f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'etisalatgreen.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ca625364-45a8-4fb4-a919-365004a9d24a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'lamborghini-s.shop']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--db2ba484-cfdc-4c5b-991f-14906020b97b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'nemshi-news.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a8ed5319-8b87-46f3-bce3-a228b2ba3d81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'teslal.shop']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f811b4e9-128a-4ce4-b211-05bf34896abf" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'hellasjournal.company']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3e1d9744-4318-453d-983b-db773ed4e003" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'bbcsworld.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e9e59dde-a35f-4170-87e6-030ee72d6845" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'fireup.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1337cc14-1b9c-4d37-a25d-bd736508041d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'goldenscent.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7ea3ac59-ee17-4530-8b81-c53d66fdccb3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'youtu-be.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--99433f06-e227-474d-9045-8e8af7be1f52" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'trkc.online']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--437fa889-e76f-44ac-9b17-83ef6d8f11e2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:49.000Z" ,
"modified" : "2022-01-30T10:22:49.000Z" ,
"pattern" : "[domain-name:value = 'niceonesa.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:49Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4777a5d1-e638-42b0-95a3-7f88d99be990" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'api-apple-buy.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ded354aa-0ced-4165-9154-b1b1848e5d58" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'mifcbook.link']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3d73627d-b4ca-484e-9983-936fe2509ddf" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'symoty.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--01b6f708-1a03-45d3-8b1d-4cae8036359f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'cut.red']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--07450a98-9bc3-4fb6-adbf-cf710bac5846" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'dragonair.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ac57b5b8-68d4-4e43-bf71-3c345b6c8547" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'updatetime.zone']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3d385ce8-bc5c-4a52-9ab3-958b67fadb33" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'shortenurls.me']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1de007be-18ec-4987-b71b-785a9ff63254" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'qwxzyl.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--73e43a97-2e2f-4a7f-87da-b379c17f13fa" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'invoker.icu']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--dbb91060-cfc7-47d7-96de-c88e70c62a2b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'nassosblog.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--13a740d1-d5e2-414e-9673-837d5fa433de" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'youtube.voto']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--75861ba5-a4ac-4daf-8987-9303658ec41c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'hopnope.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4d48f243-9a16-4a88-a79e-13d53445c9d2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'myutbe.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b516d270-21e1-4f29-a1a0-764911e8c8cf" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'shortmee.one']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--deb22c9f-cb56-4197-9424-e08f9ba1ae32" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'almasryelyuom.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--10da3fbb-8412-4577-b26a-8858ab9f7b71" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'youtub.app']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a09f38b9-2f25-4837-b3b4-cf9dbc34ea77" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'elpais.me']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e10f7108-0b61-4122-ad2a-ac5fcc097f72" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'actumali.org']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d653dd3b-50e0-4168-855b-14ac89a31695" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'bit-li.ws']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e663cf20-129e-428c-b3e3-ddaa86176059" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'fimes.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0a3f5bbd-8180-43cf-9c39-8413e2188fb5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'ps2link.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--dac7d9c5-1724-48a9-91e0-63e8fdd9e994" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'tribune-mg.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--fa8b1e27-b650-48f6-9eed-df46fb4acf6f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'bumabara.bid']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--febf276c-3a9e-4fd6-ab4d-04bc5822af78" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'simetricode.uk']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--77a5a2fe-80a1-4030-a1ba-a6df896bd41a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'ps1link.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--77641e2c-87d6-4462-a3ec-79ef3f39e0bc" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'hellottec.art']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--038ea7ab-9500-4e0e-97d1-857234a7d2ec" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'stonisi.news']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f27e61ab-f594-4c80-aeec-cdc975e507ca" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'xf.actor']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2fe5b0a1-ac80-42c6-9e35-dd86c9198897" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'ikea-egypt.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--171a043d-c5bb-4483-83ee-12976193d80d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'bit-ly.link']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1eaaf3b8-9112-4b90-9215-68e0e71126e6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'tly.link']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2f0d8b48-2ccf-4b12-bb10-1efc7e309911" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'nikjol.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--eb45c367-fea6-40b7-9ab3-8d4f2eb8dfe3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'egyqaz.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f6f1db9a-4053-4e23-96eb-6eea6fe592b7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'ios-apps.store']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ecd35815-a4a2-4c62-82b8-647c68533168" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'serviceupdaterequest.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8af2791b-1ea1-4a82-b8c9-4d8d50f8cd17" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'tovima.live']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cf6b3708-8f55-42a6-a613-4b9a7f8b4e59" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'wha.tsapp.me']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--980ad684-f736-417b-a656-c06228756e6f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'businesnews.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--97ba1829-a091-44c1-9455-61c31d07a4e3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'tiol.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1db30066-a2ef-4ac0-8b1d-df030f595d9d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'mobnetlink1.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--18345894-209f-4f7d-beb3-708bfe43a1c2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'shortxyz.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--257362fd-2770-4707-8599-fa65f8ad7d0a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'ube.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--daf7ca58-8b52-4f62-9c5f-035e8bf0529a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'teslali.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b602a4e2-5ca8-4e85-ad09-57855044607f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'iibt.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7b5c8565-cfb5-43d7-97d2-180a2589d413" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'kranos.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4a7422c4-4688-4d64-839b-ddf90c946a1b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'solargoup.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4de4af8f-3ece-42bc-b40a-becd9523374a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'carrefourmisr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c1bcd463-8ba8-4602-983e-b07c8c50849a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = '5m5.io']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5a45ac49-4b17-4cbb-a960-bc2af1a7dba7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'pronews.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b7a889c1-d2ae-480a-afab-590fa8a2a5ee" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'shortwidgets.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--89dc5738-d457-4823-a60a-94f21f72673f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'pocopoc.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6f8bcbd9-b94f-4f82-915a-b0d39c7ee3c4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'charmander.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1df46c75-7921-4308-9d75-e91430724ca2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'enigmase.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4fdeb5cc-a7de-4fe6-bdf3-0b9af4b880fb" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'xnxx-hub.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b8ccb07d-2109-4d0b-83e0-7ef9ac907d0f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'proupload.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b3ca055c-e81c-4844-8c70-85ef9b1cf463" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'cloudstatistics.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--40bbaea3-00ff-468f-8add-d902e3b5c1b0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'burgerprince.us']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9a9c8608-9838-4dfb-854e-96975cf8b939" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'infosms-a.site']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3dcfbcca-074f-4981-a2df-ba5c828d984a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'heiiasjournai.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--baf8af4c-4a16-49fe-a2ca-39dd4d217986" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'citroen.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--dfdc12cd-78c0-436f-9d9f-13d15b24e616" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'ebill.cosmote.center']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8e9283c5-2053-470f-ac0e-1f1867e9e11a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'ckforward.one']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--973187cb-f794-480c-ab45-7870236cf63f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'syncupdate.site']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5d0c0e15-a56d-4fb9-b6d4-c8b74feed731" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'shortely.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--259a7697-5957-4302-b237-7bcfafea0d94" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'canyouc.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--21d1bbcf-6b29-45bb-8984-2838acbcada9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'suzuki.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0fa4f763-1376-4214-ba31-b6e98819f416" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'makeitshort.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--121c8d12-90ce-4578-b89a-856fa1df547a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'amazing.lab']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--388aaffe-3152-4fab-8428-36f2110c1888" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'protothema.live']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6863db87-c31f-4040-9d6b-4410dbb725f4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'tinyurl.cloud']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d89f16cc-cb4d-4991-b224-f23214917175" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'conlnk.one']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c8fba428-3a34-4565-937b-f2494adbaf91" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'timeupdate.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d3d207be-fa7f-4748-8082-fe32084d1b19" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'localegem.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ecd8eaf2-dc91-43c4-825e-b6e5853d56e5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'tesla-s.shop']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f3b34772-179d-4bcc-87d7-b2c70900b955" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'bityl.me']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8fee3f0d-dcca-47fc-9097-40dbfc848c0b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'xyvok.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5315e7f4-aa10-4641-bbbe-6b1c7eb241df" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'wtc3333.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--95d39b25-592e-464d-9212-b564af06a4e5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'itly.link']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--81fa911d-c5af-42fb-b61b-288021e0cf3a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'heaven.army']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2668dfce-54f5-4fbc-b99b-faa0a21ef1ae" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'pdfviewer.app']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7e71dd5c-82b5-40b4-855e-6a80cb4acb1d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'teslal.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2f7a915c-a00f-4bb2-b862-66be4a250c9e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'nemshi.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e32d5970-af9b-4017-94e0-05fa64820cd4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'bank-alahly.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--de46ff06-912f-45fa-8e86-2229efe4cbd1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'syncservices.one']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e6c9173b-44d1-484a-bf42-90b7aa74d1f2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'sportsnewz.site']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--70ef642d-57a1-41ea-b941-da4b5801c760" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'bit-ly.org']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a5ad04a7-dfd3-4c85-9387-ee322da7a24a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'newzgroup.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--eda5157b-dcc3-4609-8002-f50710c04434" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:50.000Z" ,
"modified" : "2022-01-30T10:22:50.000Z" ,
"pattern" : "[domain-name:value = 'guardian-tt.me']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:50Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c77d5da9-2488-4b78-a396-56893089b69f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'zougla.news']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--78c52144-60f1-4c7e-8986-0a0e9a2ae3d2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'wavekli.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--44e854d4-267a-4c1f-8b4d-dde49985030c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'fastdownload.me']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d200af18-edbf-4f8b-87c3-52045227e189" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'iosmnbg.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d5fff34d-eb00-4b37-8273-3b51fbb87995" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'oilgy.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b82a6099-2c5b-4562-a1f8-c385f5cead46" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'linkit.cloud']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--4dfced26-0d23-4c22-ae8d-c1de4519582b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'url-tiny.app']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--73be604e-31d3-4b41-bcf5-e63690b35055" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'vodafonegypt.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9dc12793-cb24-4761-bcbf-471ec47f585c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'cbbc01.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a76a122d-3156-46e2-815d-69b39734bd5d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'goldescent.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--90c431f9-fcc2-45e8-ab7d-56a3c271b066" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'bitlyrs.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--40abb731-15d2-467a-a435-8ce7de39cc0e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'niceonase.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--dc850998-3aa8-4103-bee6-b70f4ea53628" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'link-protection.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--fb1eeecb-61fa-4d8f-89d2-60ef8e8136ad" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'connectivitychecker.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c45e6ed2-2368-428f-a212-abce61b09865" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'url-promo.club']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d16d3fe3-c515-4420-9fb0-d21f0b60565c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'forwardeshoptt.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--daa7def9-a735-4e8a-b3e6-18d9e78f37b5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'uservicesforyou.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--482b6622-30bc-4b62-bffe-c7dd3f336d29" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'playestore.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--097992c8-e640-40c2-9031-35f0976531ac" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'advertsservices.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f83be75e-53ff-4b62-8d9f-493651c10c35" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'servers-mobile.info']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--de9abd2f-8c29-4e73-8b6b-934ab2f5514e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'mobnetlink2.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--72b9c18f-2b54-4aea-8540-33c76119814e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'guardnew.live']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e365f17f-3ddd-4b26-b73e-402268373aed" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'sepenet.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--257a5633-f116-4d9b-8775-2bdb83d3f5f0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'z2adigital.cloud']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e8f7c662-b7f6-4257-ae60-79629bb5a91f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'instegram.co']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--bcbd25ee-8c06-4713-8d23-f31c98004b3a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'browsercheck.services']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f35a869f-52e4-49c0-a354-118acb9ccffb" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'static-graph.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--fbf5f170-11e6-40b7-9ae0-65a00ec39314" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'cnn.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--8f2aa532-d874-42f5-b2b6-9f64bd4bcc90" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'shorten.fi']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e68bf835-515a-44bc-ada6-0ba42c331949" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'celebrnewz.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7664644e-31ad-4f60-9739-34237f6d81df" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'lifestyleshops.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6ca386b8-0289-488b-81b8-056e5851ce81" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'pastepast.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a2c247a1-6df2-49dd-bb61-68a4f244ddda" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'snapfire.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--43387a03-7765-47aa-b5ed-d7c6bfb0f3b9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'omeega.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2ff9e891-845e-4db2-a960-14fdf7b5abbe" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'koora-egypt.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9da56dc0-555b-43c6-849e-d395e513239a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'etisalategypt.tech']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c30fbf27-e36b-4dc7-ad5b-274dbe216442" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'yo.utube.digital']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--23eb7677-9c5b-40f3-8db8-0db9d00bfca0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'sextape225.me']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--0de655ae-07ff-4809-84cc-3cfea8da58ef" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'supportset.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--093937c1-4034-4617-a9dc-e55dcb15a4f6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'getupdatesnow.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b77dffc5-435e-4aab-8246-3e0073599068" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'prmopromo.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1be173ac-b016-4979-bfc6-32c1ea7019ce" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'ilnk.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2af63a3a-315c-498d-bb85-dcdecb26bc52" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'tsrt.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--eece0b35-ae03-416b-b183-2bf5a4b0641c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'affise.app']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--947939ec-59ee-496e-ac18-9cbb5657563f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'telenorconn.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f398103d-3f84-4c35-9223-71ecbc90f867" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'mobnetlink3.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6993238b-037a-4768-a706-db895d6cff06" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'zougla.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1fa4b4d3-8601-499d-8fae-e21f7d0c398e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'myfcbk.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a0b446c7-0ce0-43b7-90b0-a3d277e7b1a9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'z2a.digital']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c271cc6a-04c3-4004-a17f-9d28e742d360" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'engine.ninja']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3c6feb64-187d-4a26-acc0-9b2c877ef5e0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'gosokm.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--25b51862-e0ee-4eba-b346-2abae972932b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'z2digital.cloud']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1c6bb5e8-1a88-440d-b50d-2958b2961d96" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'utube.digital']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a644a71a-7a07-4a23-92fa-648f30d8b225" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'mlinks.ws']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--32a10c7f-3c82-4c8b-8766-3e44d6ac7870" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'redeitt.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--6997e2e3-b181-48d0-9da5-bf629b5de9b4" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'updatingnews.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--bf0e8173-9770-4307-8329-f41719027704" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'limk.one']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--59547364-db43-4c9a-afc6-b7e39e9be2fd" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'nissan.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5ccba526-fa0d-404f-8aba-19914f1edf9e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'sports-mdg.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a6f786e9-8a29-49a3-850b-642f0d4563a9" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'politika.bid']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--408a82c7-6834-4ca8-9a8e-2ebcb1b15308" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'sephoragroup.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--abd16fd0-19e2-4b9b-b14c-8d3081057dd7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'msas.ws']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e0af7147-9b8b-43e4-bfb7-a42f2fce452c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'orchomenos.news']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7cf9ff37-8293-4987-89da-b4eb81bb5c4d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'mywebsitevpstest.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--19673405-e01f-4696-8069-ee6ee69bdc05" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'novosti.bid']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f6b9694d-6190-486e-8eae-63e5556c8c3d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'twtter.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ca3b431d-8853-4867-9eab-827685c24b77" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'nabde.app']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--c36623b5-b5a9-4983-8159-bda79298a059" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'addons.news']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--9c46cf47-d808-4076-8850-0cc8a1b381be" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'lexpress-mg.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--446b7036-23d2-4d3e-af71-a5305024f691" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'redirecting.live']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--061792c8-d321-4605-8ea0-39b3204a6c90" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'mytrips.quest']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7fd8ff56-990a-419a-a260-8ac6f49676ec" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'bitt.fi']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a9b7cebc-98bc-419d-836d-ee33ef2cfc1f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'landingpg.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--1a288c93-01a0-4fa7-a15a-2fe3f77d32ff" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'lnkedin.org']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--63f4adae-01b0-459c-a5c1-cbb6de37179c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'linktothisa.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--52982af2-5d85-4c84-a05d-b9d86a7c13f2" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'adservices.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--42e67512-d527-469d-8d9e-37f89162404a" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'timestampsync.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--57cc5253-a9ca-4d2a-b701-0a95f3974ad0" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'olxeg.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d613d620-f216-452c-8d3d-6fd321704f36" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'bit-li.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a5f4b662-a4ec-45c2-8929-0bb3791077ca" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'weathernewz.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--517e7065-9b0e-415b-8fbc-e3e0e80c132b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'linkit.digital']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--3d60bde8-5506-45d8-866c-8262c499ed43" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'onlineservices.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--523a26a1-c08c-4b6b-a47b-71255fd3ef91" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'guardnews.live']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d4651539-5d99-466b-b0d8-a186b6c86017" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'trecvf.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ef26bd65-1e7c-4ba5-881b-70fb93d10722" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'speedy.sbs']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--96749e37-6f8c-44e1-9096-e43595ea733e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'advfb.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2b41641d-7d9d-4a50-b655-7c589dffb607" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'qwert.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--d1602855-1ee1-4ae4-8729-f1abb18f6802" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'alraeeenews.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--01abdc3a-1ec8-467e-a813-5d3ffcb99d21" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'sitepref.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--212bea34-adb6-4534-b911-e79c0b3b66e7" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'covid19masks.shop']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--5de6ace5-5cd8-4411-ae30-68e6e823fa71" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:51.000Z" ,
"modified" : "2022-01-30T10:22:51.000Z" ,
"pattern" : "[domain-name:value = 'tly.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:51Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e2a87abf-b466-4ca0-a52c-6515a84c5b8d" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[domain-name:value = 'cloudtimesync.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--be337a4c-ff98-41f3-8f36-7a134803813e" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[domain-name:value = 'tinylinks.live']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--bd70bd72-7db3-44a0-9863-eb2202552c02" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[domain-name:value = 'itter.me']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ac9bc3a3-5ab9-4351-a17e-b91a243eaf5b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[domain-name:value = 'bity.ws']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--38afc77b-fd77-4109-ba61-b3870c2b56c5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[domain-name:value = 'tgrthgsrgwrthwrtgwr.xyz']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--b5bc59d0-2bc0-453e-a5c3-9a30b7e393a3" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[domain-name:value = 'icloudeu.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--16eb733c-d4f1-4c16-b30f-cd3f2bc527a6" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[domain-name:value = 'otaupdatesios.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--930907c5-f6e1-4ee9-9835-932a5d90a059" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[domain-name:value = 'applepps.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e51e8d5c-2512-44e4-89f8-0bf316a88a54" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[domain-name:value = 'paok-24.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--10f5c0be-70be-4d07-b006-31251e4bb69c" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[domain-name:value = 'inservices.digital']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--af08b906-d57a-439e-a289-a8abf9fa7ec8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[domain-name:value = 'tinyulrs.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--85a840e6-cdb0-4d3c-bf69-605a19c15f19" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[domain-name:value = 'tiny.gr.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--fcadfe21-9397-44cf-8ab5-05333d7e4cb1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[domain-name:value = 'networkenterprise.net']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--20c71cd0-bf51-4619-a3b5-d595079fbe3b" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[domain-name:value = 'timeupdateservice.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--2e5a81d5-ccaf-458a-bb44-14aeb2646ca5" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[domain-name:value = 'kathimerini.news']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--e476e602-3f9a-4d4e-9170-20d055a6cde8" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[domain-name:value = 'atheere.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a57eba23-64f8-4272-a0cf-e2f56a957d0f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[domain-name:value = 'hempower.shop']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--f267c753-54ee-4e39-9b34-8420fd4a8a10" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[domain-name:value = 'eg-gov.org']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"domain\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--90d70bef-8ba5-4746-85d1-3c97f922c2a1" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[file:name = '/data/local/tmp/wd/']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"filename\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--a5f27704-92a7-4a29-95ab-ec87dd629508" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[file:name = '/data/local/tmp/wd/fs.db']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"filename\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--7ba97760-750d-4820-997e-3117785d9257" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[file:name = '/private/var/tmp/hooker']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"filename\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--98189417-0dae-48b9-bff6-949af6e01b28" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[file:name = '/private/var/tmp/takePhoto']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"filename\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--cb20da93-7103-4c07-b1c6-ff738c1ecb76" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[file:name = '/private/var/tmp/UserEventAgent']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"filename\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--ed3e1a53-9e7c-4fd6-8d6e-27029f8bee1f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"pattern" : "[file:name = '/private/var/tmp/com.apple.WebKit.Networking']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2022-01-30T10:22:52Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"filename\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\"" ,
"misp-galaxy:malware=\"Cytrox\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--08efc3c1-86a3-4276-a1ef-f3a2c5db7469" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2021-12-16T10:47:45.000Z" ,
"modified" : "2021-12-16T10:47:45.000Z" ,
"pattern" : "[configuration-profile:id='76DAB334-7E17-475D-A5D6-0794EB5818A5']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2021-12-16T10:47:45Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "misc"
}
] ,
"labels" : [
"misp:name=\"stix2-pattern\"" ,
"misp:meta-category=\"misc\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--b9e6b927-ce2d-4094-80de-9507c3700c38" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:22:52.000Z" ,
"modified" : "2022-01-30T10:22:52.000Z" ,
"labels" : [
"misp:name=\"original-imported-file\"" ,
"misp:meta-category=\"file\""
] ,
"x_misp_attributes" : [
{
"type" : "attachment" ,
"object_relation" : "imported-sample" ,
"value" : "cytrox.stix2" ,
"category" : "External analysis" ,
"uuid" : "2dc29630-ca09-4f31-a4d3-0516a6ba87e6" ,
"data" : " e w o g I C A g I n R 5 c G U i O i A i Y n V u Z G x l I i w K I C A g I C J p Z C I 6 I C J i d W 5 k b G U t L T R i N D c 1 Y T V m L W V h N D c t N G Y y Z i 1 h Z W E z L W Q 4 Y m E 5 Y m Q x Y j Z i N i I s C i A g I C A i b 2 J q Z W N 0 c y I 6 I F s K I C A g I C A g I C B 7 C i A g I C A g I C A g I C A g I C J 0 e X B l I j o g I m 1 h b H d h c m U i L A o g I C A g I C A g I C A g I C A i c 3 B l Y 192 Z X J z a W 9 u I j o g I j I u M S I s C i A g I C A g I C A g I C A g I C J p Z C I 6 I C J t Y W x 3 Y X J l L S 1 h Y j Y y O D Y 0 Z S 1 l M j Q 1 L T Q 4 O D U t O D c 4 N i 1 h N j U 2 N j J i Y j Z k N m M i L A o g I C A g I C A g I C A g I C A i Y 3 J l Y X R l Z C I 6 I C I y M D I x L T E y L T E 2 V D E w O j Q 3 O j Q 1 L j I 4 N j g x M l o i L A o g I C A g I C A g I C A g I C A i b W 9 k a W Z p Z W Q i O i A i M j A y M S 0 x M i 0 x N l Q x M D o 0 N z o 0 N S 4 y O D Y 4 M T J a I i w K I C A g I C A g I C A g I C A g I m 5 h b W U i O i A i Q 3 l 0 c m 94 I i w K I C A g I C A g I C A g I C A g I m R l c 2 N y a X B 0 a W 9 u I j o g I k l P Q 3 M g Z m 9 y I E N 5 d H J v e C I s C i A g I C A g I C A g I C A g I C J p c 19 m Y W 1 p b H k i O i B m Y W x z Z Q o g I C A g I C A g I H 0 s C i A g I C A g I C A g e w o g I C A g I C A g I C A g I C A i d H l w Z S I 6 I C J p b m R p Y 2 F 0 b 3 I i L A o g I C A g I C A g I C A g I C A i c 3 B l Y 192 Z X J z a W 9 u I j o g I j I u M S I s C i A g I C A g I C A g I C A g I C J p Z C I 6 I C J p b m R p Y 2 F 0 b 3 I t L T g x Z W Z j Y T Q 0 L T g w Z j M t N G F m N S 0 4 Z m I 3 L T J h Z G F j M D l i Y z Q 0 M S I s C i A g I C A g I C A g I C A g I C J j c m V h d G V k I j o g I j I w M j E t M T I t M T Z U M T A 6 N D c 6 N D U u M j g 3 M D J a I i w K I C A g I C A g I C A g I C A g I m 1 v Z G l m a W V k I j o g I j I w M j E t M T I t M T Z U M T A 6 N D c 6 N D U u M j g 3 M D J a I i w K I C A g I C A g I C A g I C A g I m l u Z G l j Y X R v c l 90 e X B l c y I 6 I F s K I C A g I C A g I C A g I C A g I C A g I C J t Y W x p Y 2 l v d X M t Y W N 0 a X Z p d H k i C i A g I C A g I C A g I C A g I F 0 s C i A g I C A g I C A g I C A g I C J w Y X R 0 Z X J u I j o g I l t k b 21 h a W 4 t b m F t Z T p 2 Y W x 1 Z T 0 n a 29 l b m l n c 2 V n Z 2 c u Y 29 t J 10 i L A o g I C A g I C A g I C A g I C A i c G F 0 d G V y b l 90 e X B l I j o g I n N 0 a X g i L A o g I C A g I C A g I C A g I C A i c G F 0 d G V y b l 92 Z X J z a W 9 u I j o g I j I u M S I s C i A g I C A g I C A g I C A g I C J 2 Y W x p Z F 9 m c m 9 t I j o g I j I w M j E t M T I t M T Z U M T A 6 N D c 6 N D U u M j g 3 M D J a I g o g I C A g I C A g I H 0 s C i A g I C A g I C A g e w o g I C A g I C A g I C A g I C A i d H l w Z S I 6 I C J y Z W x h d G l v b n N o a X A i L A o g I C A g I C A g I C A g I C A i c 3 B l Y 192 Z X J z a W 9 u I j o g I j I u M S I s C i A g I C A g I C A g I C A g I C J p Z C I 6 I C J y Z W x h d G l v b n N o a X A t L W E 0 Z T B k Z D M y L T R k M W U t N G U 4 N i 1 h N D U 0 L T A w Z W M 5 Z j Q 1 N T M 4 M y I s C i A g I C A g I C A g I C A g I C J j c m V h d G V k I j o g I j I w M j E t M T I t M T Z U M T A 6 N D c 6 N D U u M j g 3 O T Q 1 W i I s C i A g I C A g I C A g I C A g I C J t b 2 R p Z m l l Z C I 6 I C I y M D I x L T E y L T E 2 V D E w O j Q 3 O j Q 1 L j I 4 N z k 0 N V o i L A o g I C A g I C A g I C A g I C A i c m V s Y X R p b 25 z a G l w X 3 R 5 c G U i O i A i a W 5 k a W N h d G V z I i w K I C A g I C A g I C A g I C A g I n N v d X J j Z V 9 y Z W Y i O i A i a W 5 k a W N h d G 9 y L S 0 4 M W V m Y 2E0 N C 0 4 M G Y z L T R h Z j U t O G Z i N y 0 y Y W R h Y z A 5 Y m M 0 N D E i L A o g I C A g I C A g I C A g I C A i d G F y Z 2 V 0 X 3 J l Z i I 6 I C J t Y W x 3 Y X J l L S 1 h Y j Y y O D Y 0 Z S 1 l M j Q 1 L T Q 4 O D U t O D c 4 N i 1 h N j U 2 N j J i Y j Z k N m M i C i A g I C A g I C A g f S w K I C A g I C A g I C B 7 C i A g I C A g I C A g I C A g I C J 0 e X B l I j o g I m l u Z G l j Y X R v c i I s C i A g I C A g I C A g I C A g I C J z c G V j X 3 Z l c n N p b 24 i O i A i M i 4 x I i w K I C A g I C A g I C A g I C A g I m l k I j o g I m l u Z G l j Y X R v c i 0 t M m U y Z j A 0 Y T I t Z j E x O C 0 0 M T c z L T l j O G U t M D I z O W J m M W E y M j c 1 I i w K I C A g I C A g I C A g I C A g I m N y Z W F 0 Z W Q i O i A i M j A y M S 0 x M i 0 x N l Q x M D o 0 N z o 0 N S 4 y O D g w O T R a I i w K I C A g I C A g I C A g I C A g I m 1 v Z G l m a W V k I j o g I j I w M j E t M T I t M T Z U M T A 6 N D c 6 N D U u M j g 4 M D k 0 W i I s C i A g I C A g I C A g I C A g I C J p b m R p Y 2 F 0 b 3 J f d H l w Z X M i O i B b C i A g I C A g I C A g I C A g I C A g I C A i b W F s a W N p b 3 V z L W F j d G l 2 a X R 5 I g o g I C A g I C A g I C A g I C B d L A o g I C A g I C A g I C A g I C A i c G F 0 d G V y b i I 6 I C J b Z G 9 t Y W l u L W 5 h b W U 6 d m F s d W U 9 J 2 J p d G x s e S 5 s a X Z l J 10 i L A o g I C A g I C A g I C A g I C A i c G F 0 d G V y b l 90 e X B l I j o g I n N 0 a X g i L A o g I C A g I C A g I C A g I C A i c G F 0 d G V y b l 92 Z X J z a W 9 u I j o g I j I u M S I s C i A g I C A g I C A g I C A g I C J 2 Y W x p Z F 9 m c m 9 t I j o g I j I w M j E t M T I t M T Z U M T A 6 N D c 6 N D U u M j g 4 M D k 0 W i I K I C A g I C A g I C B 9 L A o g I C A g I C A g I H s K I C A g I C A g I C A g I C A g I n R 5 c G U i O i A i c m V s Y X R p b 25 z a G l w I i w K I C A g I C A g I C A g I C A g I n N w Z W N f d m V y c 2 l v b i I 6 I C I y L j E i L A o g I C A g I C A g I C A g I C A i a W Q i O i A i c m V s Y X R p b 25 z a G l w L S 0 4 Y 2 F m Z j g 4 N i 0 1 O W M 1 L T Q 5 N z Q t O T A y Y S 0 y Y W I z Z T Z j O D g 3 Z G Y i L A o g I C A g I C A g I C A g I C A i Y 3 J l Y X R l Z C I 6 I C I y M D I x L T E y L T E 2 V D E w O j Q 3 O j Q 1 L j I 4 O D c 5 M 1 o i L A o g I C A g I C A g I C A g I C A i b W 9 k a W Z p Z W Q i O i A i M j A y M S 0 x M i 0 x N l Q x M D o 0 N z o 0 N S 4 y O D g 3 O T N a I i w K I C A g I C A g I C A g I C A g I n J l b G F 0 a W 9 u c 2 h p c F 90 e X B l I j o g I m l u Z G l j Y X R l c y I s C i A g I C A g I C A g I C A g I C J z b 3 V y Y 2 V f c m V m I j o g I m l u Z G l j Y X R v c i 0 t M m U y Z j A 0 Y T I t Z j E x O C 0 0 M T c z L T l j O G U t M D I z O W J m M W E y M j c 1 I i w K I C A g I C A g I C A g I C A g I n R h c m d l d F 9 y Z W Y i O i A i b W F s d 2 F y Z S 0 t Y W I 2 M j g 2 N G U t Z T I 0 N S 0 0 O D g 1 L T g 3 O D Y t Y T Y 1 N j Y y Y m I 2 Z D Z j I g o g I C A g I C A g I H 0 s C i A g I C A g I C A g e w o g I C A g I C A g I C A g I C A i d H l w Z S I 6 I C J p b m R p Y 2 F 0 b 3 I i L A o g I C A g I C A g I C A g I C A i c 3 B l Y 192 Z X J z a W 9 u I j o g I j I u M S I s C i A g I C A g I C A g I C A g I C J p Z C I 6 I C J p b m R p Y 2 F 0 b 3 I t L W U 5 N j k 5 N W J h L T I x Y j Y t N D I x Y y 1 h Y j c 2 L T J m O T A z M z A y N 2 J h N i I s C i A g I C A g I C A g I C A g I C J j c m V h d G V k I j o g I j I w M j E t M T I t M T Z U M T A 6 N D c 6 N D U u M j g 4 O T I 1 W i I s C i A g I C A g I C A g I C A g I C J t b 2 R p Z m l l Z C I 6 I C I y M D I x L T E y L T E 2 V D E w O j Q 3 O j Q 1 L j I 4 O D k y N V o i L A o g I C A g I C A g I C A g I C A i a W 5 k a W N h d G 9 y X 3 R 5 c G V z I j o g W w o g I C A g I C A g I C A g I C A g I C A g I m 1 h b G l j a W 91 c y 1 h Y 3 R p d m l 0 e S I K I C A g I C A g I C A g I C A g X S w K I C A g I C A g I C A g I C A g I n B h d H R l c m 4 i O i A i W 2 R v b W F p b i 1 u Y W 1 l O n Z h b H V l P S d u Z X d z b G l 2 Z T I u e H l 6 J 10 i L A o g I C A g I C A g I C A g I C A i c G F 0 d G V y b l 90 e X B l I j o g I n N 0 a X g i L A o g I C A g I C A g I C A g I C A i c G F 0 d G V y b l 92 Z X J z a W 9 u I j o g I j I u M S I s C i A g I C A g I C A g I C A g I C J 2 Y W x p Z F 9 m c m 9 t I j o g I j I w M j E t M T I t M T Z U M T A 6 N D c 6 N D U u M j g 4 O T I 1 W i I K I C A g I C A g I C B 9 L A o g I C A g I C A g I H s K I C
} ,
{
"type" : "text" ,
"object_relation" : "format" ,
"value" : "STIX 2.0" ,
"category" : "Other" ,
"uuid" : "636a8777-490d-42d5-850b-589ec0cd32e2"
}
] ,
"x_misp_meta_category" : "file" ,
"x_misp_name" : "original-imported-file"
} ,
{
"type" : "x-misp-object" ,
"spec_version" : "2.1" ,
"id" : "x-misp-object--aa74ba61-2d36-42a4-88e9-b238dc2a8b92" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2022-01-30T10:24:08.000Z" ,
"modified" : "2022-01-30T10:24:08.000Z" ,
"labels" : [
"misp:name=\"report\"" ,
"misp:meta-category=\"misc\""
] ,
"x_misp_attributes" : [
{
"type" : "link" ,
"object_relation" : "link" ,
"value" : "https://github.com/AmnestyTech/investigations/tree/master/2021-12-16_cytrox" ,
"category" : "External analysis" ,
"uuid" : "01a90efd-c99f-41ee-95e9-71714756e58c"
} ,
{
"type" : "text" ,
"object_relation" : "summary" ,
"value" : "This repository contains network and device indicators of compromised (IoCs) related to the IOS and Android spyware tools developed by the cyber-surveillance company Cytrox. These indicators were first published in December 2021 by Meta in their Threat Report on the Surveillance-for-Hire Industry and by Citizen Lab in their report Pegasus vs. Predator - Dissident\u2019s Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware. Additional indicators of compromise were identified by the Amnesty Tech Security Lab as part of an independent investigation." ,
"category" : "Other" ,
"uuid" : "d7ebf909-06c5-4ed9-9bb5-193eab1182a5"
} ,
{
"type" : "text" ,
"object_relation" : "type" ,
"value" : "Report" ,
"category" : "Other" ,
"uuid" : "71bdc154-7709-433b-b9c9-8d183a435474"
}
] ,
"x_misp_meta_category" : "misc" ,
"x_misp_name" : "report"
} ,
{
"type" : "marking-definition" ,
"spec_version" : "2.1" ,
"id" : "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ,
"created" : "2017-01-20T00:00:00.000Z" ,
"definition_type" : "tlp" ,
"name" : "TLP:WHITE" ,
"definition" : {
"tlp" : "white"
}
}
2023-04-21 13:25:09 +00:00
]
}