adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/55749a9b-1880-4351-803c-47fc950d210b.json

1108 lines
45 KiB
JSON
Raw Normal View History

chg: [feed] added
2023-04-21 13:25:09 +00:00
{
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"type": "bundle",
"id": "bundle--55749a9b-1880-4351-803c-47fc950d210b",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:31:12.000Z",
"modified": "2015-06-07T19:31:12.000Z",
"name": "CthulhuSPRL.be",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--55749a9b-1880-4351-803c-47fc950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:31:12.000Z",
"modified": "2015-06-07T19:31:12.000Z",
"name": "OSINT Angler EK: More Obfuscation, Fake Extensions, and Other Nonsense by Talos",
"published": "2015-06-08T07:36:04Z",
"object_refs": [
"observed-data--55749ab4-c40c-440b-babd-2696950d210b",
"url--55749ab4-c40c-440b-babd-2696950d210b",
"indicator--55749ae8-ee40-4160-be8b-4b44950d210b",
"indicator--55749afc-d490-48bf-a1aa-4ebe950d210b",
"indicator--55749b55-32e4-4933-bd15-2696950d210b",
"indicator--55749b55-9f34-4a80-b8ab-2696950d210b",
"indicator--55749b56-f5a0-43b1-ac26-2696950d210b",
"indicator--55749b56-ed7c-4ba4-891a-2696950d210b",
"indicator--55749b56-541c-4f8c-a601-2696950d210b",
"indicator--55749b56-7f6c-443d-b1b5-2696950d210b",
"indicator--55749b56-17b0-4572-9011-2696950d210b",
"indicator--55749b56-ffec-44f1-a18c-2696950d210b",
"indicator--55749b56-6e90-4227-a995-2696950d210b",
"indicator--55749b57-0e50-4a1d-8ada-2696950d210b",
"indicator--55749b57-8a98-4b2b-9897-2696950d210b",
"indicator--55749b57-cb48-4d78-ac11-2696950d210b",
"indicator--55749b57-cb98-4f47-87d6-2696950d210b",
"indicator--55749b57-7694-4be5-8b01-2696950d210b",
"indicator--55749b57-e694-47bb-a21c-2696950d210b",
"indicator--55749b57-3788-49ad-b458-2696950d210b",
"indicator--55749b57-22a8-486c-9446-2696950d210b",
"indicator--55749b58-ef4c-40e5-805c-2696950d210b",
"indicator--55749b58-0e4c-40ae-86fa-2696950d210b",
"indicator--55749b58-d838-429b-aa92-2696950d210b",
"indicator--55749b58-ad70-4314-879a-2696950d210b",
"indicator--55749b58-c640-4c1c-9681-2696950d210b",
"indicator--55749b58-d50c-4f05-a50e-2696950d210b",
"indicator--55749b58-4554-41d0-8270-2696950d210b",
"indicator--55749b58-20d8-41bd-88d5-2696950d210b",
"indicator--55749b59-e930-4c11-9ab4-2696950d210b",
"indicator--55749b59-ba10-419b-aa8a-2696950d210b",
"indicator--55749b59-3a24-43f2-9e35-2696950d210b",
"indicator--55749b59-560c-447e-91b1-2696950d210b",
"indicator--55749b59-c7f4-4387-a1d0-2696950d210b",
"indicator--55749b59-2a10-4977-9f1b-2696950d210b",
"indicator--55749b59-40ec-4d40-b835-2696950d210b",
"indicator--55749b59-7f20-4383-9c46-2696950d210b",
"indicator--55749b5a-af4c-4db0-af55-2696950d210b",
"indicator--55749b70-f76c-44ae-a8b9-bda5950d210b",
"indicator--55749b70-b898-448c-9618-bda5950d210b",
"indicator--55749b70-d980-47ba-93fe-bda5950d210b",
"indicator--55749b70-f014-484d-af59-bda5950d210b",
"indicator--55749b70-21f8-4d2d-88dd-bda5950d210b",
"x-misp-attribute--55749b81-18e8-4aaf-93ec-4e57950d210b"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT"
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--55749ab4-c40c-440b-babd-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:25:40.000Z",
"modified": "2015-06-07T19:25:40.000Z",
"first_observed": "2015-06-07T19:25:40Z",
"last_observed": "2015-06-07T19:25:40Z",
"number_observed": 1,
"object_refs": [
"url--55749ab4-c40c-440b-babd-2696950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--55749ab4-c40c-440b-babd-2696950d210b",
"value": "http://blogs.cisco.com/security/talos/angler-update"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749ae8-ee40-4160-be8b-4b44950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:26:32.000Z",
"modified": "2015-06-07T19:26:32.000Z",
"description": "Flash Exploit",
"pattern": "[file:hashes.SHA256 = '28f6b5f344f7d2bef75b30ba2e286ddff3d3a2009da1d01d7e30e21feecfde34']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:26:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749afc-d490-48bf-a1aa-4ebe950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:26:52.000Z",
"modified": "2015-06-07T19:26:52.000Z",
"description": "Cryptowall 3.0 Sample",
"pattern": "[file:hashes.SHA256 = '023de93e9d686bf6a1f80ad68bde4f94c5100b534f95285c1582fb8b8be8d31f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:26:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b55-32e4-4933-bd15-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:21.000Z",
"modified": "2015-06-07T19:28:21.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'schapershonden-yhteenliittymin.inspirefilms.us']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b55-9f34-4a80-b8ab-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:21.000Z",
"modified": "2015-06-07T19:28:21.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'capsteads-tmenupopup.mercuryoutboardnc.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b56-f5a0-43b1-ac26-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:22.000Z",
"modified": "2015-06-07T19:28:22.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'mfrzdzjjpi.myftp.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b56-ed7c-4ba4-891a-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:22.000Z",
"modified": "2015-06-07T19:28:22.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'traditionetgourmandises.fr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b56-541c-4f8c-a601-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:22.000Z",
"modified": "2015-06-07T19:28:22.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'convenzioni.ording.roma.it']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b56-7f6c-443d-b1b5-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:22.000Z",
"modified": "2015-06-07T19:28:22.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = '99mkb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b56-17b0-4572-9011-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:22.000Z",
"modified": "2015-06-07T19:28:22.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'hostyoursitehere.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b56-ffec-44f1-a18c-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:22.000Z",
"modified": "2015-06-07T19:28:22.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'alpha.akesha.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b56-6e90-4227-a995-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:22.000Z",
"modified": "2015-06-07T19:28:22.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'andreiprundeanu.eu']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b57-0e50-4a1d-8ada-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:22.000Z",
"modified": "2015-06-07T19:28:22.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = '4042shopping.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b57-8a98-4b2b-9897-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:23.000Z",
"modified": "2015-06-07T19:28:23.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'redstarfuochicinesi.it']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b57-cb48-4d78-ac11-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:23.000Z",
"modified": "2015-06-07T19:28:23.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'alebehr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b57-cb98-4f47-87d6-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:23.000Z",
"modified": "2015-06-07T19:28:23.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'alchemyofpresence.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b57-7694-4be5-8b01-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:23.000Z",
"modified": "2015-06-07T19:28:23.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'blationmedia.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b57-e694-47bb-a21c-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:23.000Z",
"modified": "2015-06-07T19:28:23.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'jeanrey.fr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b57-3788-49ad-b458-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:23.000Z",
"modified": "2015-06-07T19:28:23.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'awynnejoinery.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b57-22a8-486c-9446-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:23.000Z",
"modified": "2015-06-07T19:28:23.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'americanfamilyenergy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b58-ef4c-40e5-805c-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:24.000Z",
"modified": "2015-06-07T19:28:24.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'bezpiecznaswinka.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b58-0e4c-40ae-86fa-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:24.000Z",
"modified": "2015-06-07T19:28:24.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'buroroebers.nl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b58-d838-429b-aa92-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:24.000Z",
"modified": "2015-06-07T19:28:24.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'bebeamor.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b58-ad70-4314-879a-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:24.000Z",
"modified": "2015-06-07T19:28:24.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'jandchousecleaning.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b58-c640-4c1c-9681-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:24.000Z",
"modified": "2015-06-07T19:28:24.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'asambleadedios.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b58-d50c-4f05-a50e-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:24.000Z",
"modified": "2015-06-07T19:28:24.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'buhtime.by']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b58-4554-41d0-8270-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:24.000Z",
"modified": "2015-06-07T19:28:24.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'asadiag.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b58-20d8-41bd-88d5-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:24.000Z",
"modified": "2015-06-07T19:28:24.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'beijerlandsekelnerrace.nl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b59-e930-4c11-9ab4-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:25.000Z",
"modified": "2015-06-07T19:28:25.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'atlantacustomwork.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b59-ba10-419b-aa8a-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:25.000Z",
"modified": "2015-06-07T19:28:25.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'braingame.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b59-3a24-43f2-9e35-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:25.000Z",
"modified": "2015-06-07T19:28:25.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'doggonesigns.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b59-560c-447e-91b1-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:25.000Z",
"modified": "2015-06-07T19:28:25.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'ancientvoyages.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b59-c7f4-4387-a1d0-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:25.000Z",
"modified": "2015-06-07T19:28:25.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'gonavarro.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b59-2a10-4977-9f1b-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:25.000Z",
"modified": "2015-06-07T19:28:25.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'sweetthangzdesserts.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b59-40ec-4d40-b835-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:25.000Z",
"modified": "2015-06-07T19:28:25.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'brandgriffin.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b59-7f20-4383-9c46-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:25.000Z",
"modified": "2015-06-07T19:28:25.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'tarifair.fr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b5a-af4c-4db0-af55-2696950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:26.000Z",
"modified": "2015-06-07T19:28:26.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'alsblueshelpt.nl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b70-f76c-44ae-a8b9-bda5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:48.000Z",
"modified": "2015-06-07T19:28:48.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.46.250.103']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b70-b898-448c-9618-bda5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:48.000Z",
"modified": "2015-06-07T19:28:48.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.6.233.7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b70-d980-47ba-93fe-bda5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:48.000Z",
"modified": "2015-06-07T19:28:48.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.131.14.23']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b70-f014-484d-af59-bda5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:48.000Z",
"modified": "2015-06-07T19:28:48.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.242.198.221']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55749b70-21f8-4d2d-88dd-bda5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:28:48.000Z",
"modified": "2015-06-07T19:28:48.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '173.227.247.35']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-06-07T19:28:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--55749b81-18e8-4aaf-93ec-4e57950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-06-07T19:29:05.000Z",
"modified": "2015-06-07T19:29:05.000Z",
"labels": [
"misp:type=\"comment\"",
"misp:category=\"Network activity\""
],
"x_misp_category": "Network activity",
"x_misp_type": "comment",
"x_misp_value": "The large majority of the domains are residing on shared IP address space. To prevent affecting non-malicious domains hosted on these servers the IPs have been excluded."
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
]
}
Reference in a new issue Copy permalink