2023-04-21 13:25:09 +00:00
|
|
|
{
|
2023-06-14 17:31:25 +00:00
|
|
|
"type": "bundle",
|
|
|
|
"id": "bundle--56b06dc5-2cac-46c1-9827-40f7950d210f",
|
|
|
|
"objects": [
|
|
|
|
{
|
|
|
|
"type": "identity",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:31.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:31.000Z",
|
|
|
|
"name": "CthulhuSPRL.be",
|
|
|
|
"identity_class": "organization"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "report",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "report--56b06dc5-2cac-46c1-9827-40f7950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:31.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:31.000Z",
|
|
|
|
"name": "OSINT Neutrino Exploit Kit \u00e2\u20ac\u201c One Flash File to Rule Them All by SpiderLabs",
|
|
|
|
"published": "2016-02-02T10:22:12Z",
|
|
|
|
"object_refs": [
|
|
|
|
"observed-data--56b06e40-1d8c-4c17-a38a-4edd950d210f",
|
|
|
|
"url--56b06e40-1d8c-4c17-a38a-4edd950d210f",
|
|
|
|
"observed-data--56b06e40-0720-4f15-a55a-45bd950d210f",
|
|
|
|
"url--56b06e40-0720-4f15-a55a-45bd950d210f",
|
|
|
|
"observed-data--56b06e41-49e0-42e1-be2e-4996950d210f",
|
|
|
|
"url--56b06e41-49e0-42e1-be2e-4996950d210f",
|
|
|
|
"observed-data--56b06e41-7338-45c2-be4a-4d02950d210f",
|
|
|
|
"url--56b06e41-7338-45c2-be4a-4d02950d210f",
|
|
|
|
"observed-data--56b06e41-c220-43ab-85d8-4b65950d210f",
|
|
|
|
"url--56b06e41-c220-43ab-85d8-4b65950d210f",
|
|
|
|
"observed-data--56b06e41-8174-4851-8b69-4f47950d210f",
|
|
|
|
"url--56b06e41-8174-4851-8b69-4f47950d210f",
|
|
|
|
"observed-data--56b06e42-6d78-48db-981d-4e9e950d210f",
|
|
|
|
"url--56b06e42-6d78-48db-981d-4e9e950d210f",
|
|
|
|
"observed-data--56b06e42-9248-48b9-94e9-4661950d210f",
|
|
|
|
"url--56b06e42-9248-48b9-94e9-4661950d210f",
|
|
|
|
"observed-data--56b06e42-884c-41e1-9d02-4dea950d210f",
|
|
|
|
"url--56b06e42-884c-41e1-9d02-4dea950d210f",
|
|
|
|
"vulnerability--56b06e43-bb98-4f46-8f01-47dd950d210f",
|
|
|
|
"vulnerability--56b06e43-31b8-4c43-a4ca-4cf7950d210f",
|
|
|
|
"vulnerability--56b06e43-5e4c-49b1-a587-45da950d210f",
|
|
|
|
"vulnerability--56b06e43-9aa4-45ea-af96-4db5950d210f",
|
|
|
|
"vulnerability--56b06e43-e444-402f-b7c9-40df950d210f",
|
|
|
|
"indicator--56b08324-818c-454e-ad50-4dbc950d210f",
|
|
|
|
"indicator--56b08324-53dc-4e5a-ad8e-49c4950d210f",
|
|
|
|
"indicator--56b08324-e65c-4764-b7a1-47c2950d210f",
|
|
|
|
"indicator--56b08325-c95c-4ac3-816a-4a50950d210f",
|
|
|
|
"indicator--56b08325-d3f4-4fd1-b883-484b950d210f",
|
|
|
|
"indicator--56b08325-0fbc-4079-ad7f-4721950d210f",
|
|
|
|
"indicator--56b08326-70a0-45a7-ab8c-4b12950d210f",
|
|
|
|
"indicator--56b08326-1ff4-4d32-b2a7-48af950d210f",
|
|
|
|
"indicator--56b08326-a488-4231-b083-4f54950d210f",
|
|
|
|
"indicator--56b08327-1a8c-40ae-9a0d-47b1950d210f",
|
|
|
|
"indicator--56b08327-55d4-4d21-afee-4b59950d210f",
|
|
|
|
"indicator--56b08327-9544-4acc-9589-41f0950d210f",
|
|
|
|
"indicator--56b08328-301c-4c14-a1b3-4ee7950d210f",
|
|
|
|
"indicator--56b08328-3fc0-466a-b935-429c950d210f",
|
|
|
|
"indicator--56b08328-9104-4032-9412-4ce8950d210f",
|
|
|
|
"indicator--56b08329-1264-47d0-95e7-4a78950d210f",
|
|
|
|
"indicator--56b08329-6804-4c65-828b-48c0950d210f",
|
|
|
|
"indicator--56b08329-6708-4024-8bf0-4e82950d210f",
|
|
|
|
"indicator--56b0832a-2aa4-4456-9c85-4979950d210f",
|
|
|
|
"indicator--56b0832a-9614-4c39-9c4f-44d0950d210f",
|
|
|
|
"indicator--56b0832a-bd8c-4789-9d90-4f79950d210f",
|
|
|
|
"indicator--56b0832b-b0ac-4d5e-b482-4f17950d210f",
|
|
|
|
"indicator--56b0832b-0b14-4b57-941c-49d4950d210f",
|
|
|
|
"indicator--56b0832b-7bcc-452a-beb9-4867950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"Threat-Report",
|
|
|
|
"misp:tool=\"MISP-STIX-Converter\"",
|
|
|
|
"type:OSINT",
|
|
|
|
"admiralty-scale:source-reliability=\"b\"",
|
|
|
|
"admiralty-scale:information-credibility=\"1\""
|
|
|
|
],
|
|
|
|
"object_marking_refs": [
|
|
|
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--56b06e40-1d8c-4c17-a38a-4edd950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T08:52:16.000Z",
|
|
|
|
"modified": "2016-02-02T08:52:16.000Z",
|
|
|
|
"first_observed": "2016-02-02T08:52:16Z",
|
|
|
|
"last_observed": "2016-02-02T08:52:16Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"url--56b06e40-1d8c-4c17-a38a-4edd950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"link\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "url",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "url--56b06e40-1d8c-4c17-a38a-4edd950d210f",
|
|
|
|
"value": "https://www.trustwave.com/Resources/SpiderLabs-Blog/Neutrino-Exploit-Kit-%E2%80%93-One-Flash-File-to-Rule-Them-All/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--56b06e40-0720-4f15-a55a-45bd950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T08:52:16.000Z",
|
|
|
|
"modified": "2016-02-02T08:52:16.000Z",
|
|
|
|
"first_observed": "2016-02-02T08:52:16Z",
|
|
|
|
"last_observed": "2016-02-02T08:52:16Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"url--56b06e40-0720-4f15-a55a-45bd950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"link\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "url",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "url--56b06e40-0720-4f15-a55a-45bd950d210f",
|
|
|
|
"value": "https://www.virustotal.com/en/file/05a50b8b9cccdfa6adcb1f1173c021c8944b3aa5312e21e0af015a98735263b2/analysis/1447730847/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--56b06e41-49e0-42e1-be2e-4996950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T08:52:17.000Z",
|
|
|
|
"modified": "2016-02-02T08:52:17.000Z",
|
|
|
|
"first_observed": "2016-02-02T08:52:17Z",
|
|
|
|
"last_observed": "2016-02-02T08:52:17Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"url--56b06e41-49e0-42e1-be2e-4996950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"link\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "url",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "url--56b06e41-49e0-42e1-be2e-4996950d210f",
|
|
|
|
"value": "https://www.virustotal.com/en/file/7a1a1e3ae834e7682f3762c743ac44c5c35eeaf35f84ed6dcfff603c1e0357e8/analysis/1450952590/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--56b06e41-7338-45c2-be4a-4d02950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T08:52:17.000Z",
|
|
|
|
"modified": "2016-02-02T08:52:17.000Z",
|
|
|
|
"first_observed": "2016-02-02T08:52:17Z",
|
|
|
|
"last_observed": "2016-02-02T08:52:17Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"url--56b06e41-7338-45c2-be4a-4d02950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"link\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "url",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "url--56b06e41-7338-45c2-be4a-4d02950d210f",
|
|
|
|
"value": "https://www.virustotal.com/en/file/aee8a02ac4176d4c712520ea0eef75850ad88bf196db983d6d4ccbba6f100d76/analysis/1450952600/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--56b06e41-c220-43ab-85d8-4b65950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T08:52:17.000Z",
|
|
|
|
"modified": "2016-02-02T08:52:17.000Z",
|
|
|
|
"first_observed": "2016-02-02T08:52:17Z",
|
|
|
|
"last_observed": "2016-02-02T08:52:17Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"url--56b06e41-c220-43ab-85d8-4b65950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"link\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "url",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "url--56b06e41-c220-43ab-85d8-4b65950d210f",
|
|
|
|
"value": "https://www.virustotal.com/en/file/34b609d980a6baffe4ffe5927730c641b58c274239df68d1846566366940dcea/analysis/1450952611/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--56b06e41-8174-4851-8b69-4f47950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T08:52:17.000Z",
|
|
|
|
"modified": "2016-02-02T08:52:17.000Z",
|
|
|
|
"first_observed": "2016-02-02T08:52:17Z",
|
|
|
|
"last_observed": "2016-02-02T08:52:17Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"url--56b06e41-8174-4851-8b69-4f47950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"link\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "url",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "url--56b06e41-8174-4851-8b69-4f47950d210f",
|
|
|
|
"value": "https://www.virustotal.com/en/file/972ec16e4fc85c88326d7bb616f7091dbc1448369e23107bb7bc0ad15a1046bd/analysis/1450952680/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--56b06e42-6d78-48db-981d-4e9e950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T08:52:18.000Z",
|
|
|
|
"modified": "2016-02-02T08:52:18.000Z",
|
|
|
|
"first_observed": "2016-02-02T08:52:18Z",
|
|
|
|
"last_observed": "2016-02-02T08:52:18Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"url--56b06e42-6d78-48db-981d-4e9e950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"link\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "url",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "url--56b06e42-6d78-48db-981d-4e9e950d210f",
|
|
|
|
"value": "https://www.virustotal.com/en/file/806ab2c5b089bd3db019bc98ce00b28a57a936e06b3ad81104453b7aab2be43a/analysis/1450952686/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--56b06e42-9248-48b9-94e9-4661950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T08:52:18.000Z",
|
|
|
|
"modified": "2016-02-02T08:52:18.000Z",
|
|
|
|
"first_observed": "2016-02-02T08:52:18Z",
|
|
|
|
"last_observed": "2016-02-02T08:52:18Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"url--56b06e42-9248-48b9-94e9-4661950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"link\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "url",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "url--56b06e42-9248-48b9-94e9-4661950d210f",
|
|
|
|
"value": "https://www.virustotal.com/en/file/163822f0eda6927994cb60736b9eb51600c203c4869b51db362aaba5203c2e98/analysis/1450952692/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--56b06e42-884c-41e1-9d02-4dea950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T08:52:18.000Z",
|
|
|
|
"modified": "2016-02-02T08:52:18.000Z",
|
|
|
|
"first_observed": "2016-02-02T08:52:18Z",
|
|
|
|
"last_observed": "2016-02-02T08:52:18Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"url--56b06e42-884c-41e1-9d02-4dea950d210f"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"link\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "url",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "url--56b06e42-884c-41e1-9d02-4dea950d210f",
|
|
|
|
"value": "https://www.virustotal.com/en/file/fe5bfee142d70d9d2e80f9e09659a244a7aaa262df9088b3643626b0fdba11e0/analysis/1450952540/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "vulnerability",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "vulnerability--56b06e43-bb98-4f46-8f01-47dd950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T08:52:19.000Z",
|
|
|
|
"modified": "2016-02-02T08:52:19.000Z",
|
|
|
|
"name": "CVE-2015-2419",
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"vulnerability\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
],
|
|
|
|
"external_references": [
|
|
|
|
{
|
|
|
|
"source_name": "cve",
|
|
|
|
"external_id": "CVE-2015-2419"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "vulnerability",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "vulnerability--56b06e43-31b8-4c43-a4ca-4cf7950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T08:52:19.000Z",
|
|
|
|
"modified": "2016-02-02T08:52:19.000Z",
|
|
|
|
"name": "CVE-2013-2551",
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"vulnerability\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
],
|
|
|
|
"external_references": [
|
|
|
|
{
|
|
|
|
"source_name": "cve",
|
|
|
|
"external_id": "CVE-2013-2551"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "vulnerability",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "vulnerability--56b06e43-5e4c-49b1-a587-45da950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T08:52:19.000Z",
|
|
|
|
"modified": "2016-02-02T08:52:19.000Z",
|
|
|
|
"name": "CVE-2014-6332",
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"vulnerability\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
],
|
|
|
|
"external_references": [
|
|
|
|
{
|
|
|
|
"source_name": "cve",
|
|
|
|
"external_id": "CVE-2014-6332"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "vulnerability",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "vulnerability--56b06e43-9aa4-45ea-af96-4db5950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T08:52:19.000Z",
|
|
|
|
"modified": "2016-02-02T08:52:19.000Z",
|
|
|
|
"name": "CVE-2015-7645",
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"vulnerability\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
],
|
|
|
|
"external_references": [
|
|
|
|
{
|
|
|
|
"source_name": "cve",
|
|
|
|
"external_id": "CVE-2015-7645"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "vulnerability",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "vulnerability--56b06e43-e444-402f-b7c9-40df950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T08:52:19.000Z",
|
|
|
|
"modified": "2016-02-02T08:52:19.000Z",
|
|
|
|
"name": "CVE-2014-0569",
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"vulnerability\"",
|
|
|
|
"misp:category=\"External analysis\""
|
|
|
|
],
|
|
|
|
"external_references": [
|
|
|
|
{
|
|
|
|
"source_name": "cve",
|
|
|
|
"external_id": "CVE-2014-0569"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b08324-818c-454e-ad50-4dbc950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:24.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:24.000Z",
|
|
|
|
"pattern": "[file:hashes.MD5 = 'd4b9af141d7f2e1b97e55f17133f4919']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:24Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"md5\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b08324-53dc-4e5a-ad8e-49c4950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:24.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:24.000Z",
|
|
|
|
"pattern": "[file:hashes.SHA1 = 'e6607695a56f13c001c29ae0a4d9ac2b5741626c']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:24Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"sha1\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b08324-e65c-4764-b7a1-47c2950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:24.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:24.000Z",
|
|
|
|
"pattern": "[file:hashes.SHA256 = 'fe5bfee142d70d9d2e80f9e09659a244a7aaa262df9088b3643626b0fdba11e0']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:24Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"sha256\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b08325-c95c-4ac3-816a-4a50950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:25.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:25.000Z",
|
|
|
|
"pattern": "[file:hashes.MD5 = 'd523b243c629f71bcdbbd09a1274ec59']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:25Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"md5\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b08325-d3f4-4fd1-b883-484b950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:25.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:25.000Z",
|
|
|
|
"pattern": "[file:hashes.SHA1 = '453a2e0069a26e9b7e2db638a8b1942e95c0a5a7']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:25Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"sha1\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b08325-0fbc-4079-ad7f-4721950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:25.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:25.000Z",
|
|
|
|
"pattern": "[file:hashes.SHA256 = '163822f0eda6927994cb60736b9eb51600c203c4869b51db362aaba5203c2e98']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:25Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"sha256\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b08326-70a0-45a7-ab8c-4b12950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:26.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:26.000Z",
|
|
|
|
"pattern": "[file:hashes.MD5 = '4fc2d57dd2b96eca1d3e24441fc3c401']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:26Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"md5\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b08326-1ff4-4d32-b2a7-48af950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:26.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:26.000Z",
|
|
|
|
"pattern": "[file:hashes.SHA1 = '3c0b6cf1d75aca0e339efecb700a3458aa27017e']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:26Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"sha1\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b08326-a488-4231-b083-4f54950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:26.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:26.000Z",
|
|
|
|
"pattern": "[file:hashes.SHA256 = '806ab2c5b089bd3db019bc98ce00b28a57a936e06b3ad81104453b7aab2be43a']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:26Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"sha256\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b08327-1a8c-40ae-9a0d-47b1950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:27.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:27.000Z",
|
|
|
|
"pattern": "[file:hashes.MD5 = 'dbb069409242bcf180c48bbc22df9dd1']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:27Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"md5\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b08327-55d4-4d21-afee-4b59950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:27.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:27.000Z",
|
|
|
|
"pattern": "[file:hashes.SHA1 = 'efdb659b75d4af0aab67b40042755bfb1f84357e']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:27Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"sha1\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b08327-9544-4acc-9589-41f0950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:27.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:27.000Z",
|
|
|
|
"pattern": "[file:hashes.SHA256 = '972ec16e4fc85c88326d7bb616f7091dbc1448369e23107bb7bc0ad15a1046bd']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:27Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"sha256\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b08328-301c-4c14-a1b3-4ee7950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:28.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:28.000Z",
|
|
|
|
"pattern": "[file:hashes.MD5 = '955c42d4d9ac6b821dcb022b790aad82']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:28Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"md5\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b08328-3fc0-466a-b935-429c950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:28.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:28.000Z",
|
|
|
|
"pattern": "[file:hashes.SHA1 = '5eb520aec1f1c992771f6a4559cda73cd60a5aaf']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:28Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"sha1\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b08328-9104-4032-9412-4ce8950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:28.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:28.000Z",
|
|
|
|
"pattern": "[file:hashes.SHA256 = '34b609d980a6baffe4ffe5927730c641b58c274239df68d1846566366940dcea']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:28Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"sha256\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b08329-1264-47d0-95e7-4a78950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:29.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:29.000Z",
|
|
|
|
"pattern": "[file:hashes.MD5 = '4b0235980414e7fa8e188a0c2fc52b1a']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:29Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"md5\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b08329-6804-4c65-828b-48c0950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:29.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:29.000Z",
|
|
|
|
"pattern": "[file:hashes.SHA1 = '90e6bb86cb96abdcd82576669b7a3dfd3a5c641d']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:29Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"sha1\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b08329-6708-4024-8bf0-4e82950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:29.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:29.000Z",
|
|
|
|
"pattern": "[file:hashes.SHA256 = 'aee8a02ac4176d4c712520ea0eef75850ad88bf196db983d6d4ccbba6f100d76']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:29Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"sha256\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b0832a-2aa4-4456-9c85-4979950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:30.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:30.000Z",
|
|
|
|
"pattern": "[file:hashes.MD5 = 'cd4ac99e8fe25c9365708745db6ac7ad']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:30Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"md5\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b0832a-9614-4c39-9c4f-44d0950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:30.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:30.000Z",
|
|
|
|
"pattern": "[file:hashes.SHA1 = '7bc541ef970788a07c973ff8844ea758136fd711']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:30Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"sha1\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b0832a-bd8c-4789-9d90-4f79950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:30.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:30.000Z",
|
|
|
|
"pattern": "[file:hashes.SHA256 = '7a1a1e3ae834e7682f3762c743ac44c5c35eeaf35f84ed6dcfff603c1e0357e8']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:30Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"sha256\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b0832b-b0ac-4d5e-b482-4f17950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:30.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:30.000Z",
|
|
|
|
"pattern": "[file:hashes.MD5 = '7f2b2f029fdc740b61d3b88c89913cf6']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:30Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"md5\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b0832b-0b14-4b57-941c-49d4950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:31.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:31.000Z",
|
|
|
|
"pattern": "[file:hashes.SHA1 = '7a044056194b07daa6a4c104be03e6fccd9089dc']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:31Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"sha1\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--56b0832b-7bcc-452a-beb9-4867950d210f",
|
|
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
|
|
"created": "2016-02-02T10:21:31.000Z",
|
|
|
|
"modified": "2016-02-02T10:21:31.000Z",
|
|
|
|
"pattern": "[file:hashes.SHA256 = '05a50b8b9cccdfa6adcb1f1173c021c8944b3aa5312e21e0af015a98735263b2']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2016-02-02T10:21:31Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"sha256\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "marking-definition",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
|
|
|
"created": "2017-01-20T00:00:00.000Z",
|
|
|
|
"definition_type": "tlp",
|
|
|
|
"name": "TLP:WHITE",
|
|
|
|
"definition": {
|
|
|
|
"tlp": "white"
|
|
|
|
}
|
|
|
|
}
|
2023-04-21 13:25:09 +00:00
|
|
|
]
|
|
|
|
}
|