adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/56e27748-1864-476a-9c1c-4d10950d210f.json

2364 lines
100 KiB
JSON
Raw Normal View History

chg: [feed] added
2023-04-21 13:25:09 +00:00
{
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"type": "bundle",
"id": "bundle--56e27748-1864-476a-9c1c-4d10950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:51.000Z",
"modified": "2016-03-11T07:55:51.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--56e27748-1864-476a-9c1c-4d10950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:51.000Z",
"modified": "2016-03-11T07:55:51.000Z",
"name": "OSINT - Android banking trojan masquerades as Flash Player and bypasses 2FA",
"published": "2016-03-11T08:01:26Z",
"object_refs": [
"observed-data--56e2775a-f118-470e-b9c4-40b8950d210f",
"url--56e2775a-f118-470e-b9c4-40b8950d210f",
"x-misp-attribute--56e27783-7de4-4139-817b-4c6c950d210f",
"indicator--56e2784e-ca00-428e-853d-4d97950d210f",
"indicator--56e2784f-4a50-4b3e-827f-49ff950d210f",
"indicator--56e2784f-099c-4867-b685-4217950d210f",
"indicator--56e2786e-0afc-462c-a5b4-4e15950d210f",
"indicator--56e2786e-2888-4e75-bacd-474a950d210f",
"indicator--56e2786f-72b0-4648-8b94-4c55950d210f",
"indicator--56e278a5-aa10-4828-8798-4954950d210f",
"indicator--56e278a5-da3c-4e38-a42d-4ed4950d210f",
"indicator--56e278a5-d85c-4b0b-a582-4c2f950d210f",
"indicator--56e278a6-4000-4fa3-8b61-43e1950d210f",
"indicator--56e278a6-06fc-472c-92c8-49e2950d210f",
"indicator--56e278a6-bfa8-4390-99f6-4f4a950d210f",
"indicator--56e278a6-7e84-4746-9d81-4967950d210f",
"indicator--56e278c2-5b60-4af6-ae48-420f950d210f",
"indicator--56e278c3-fa54-4408-bcae-4811950d210f",
"indicator--56e278c3-1a80-40f3-8770-4a2f950d210f",
"indicator--56e278c3-2ffc-4b03-bee6-480b950d210f",
"indicator--56e278c4-7e4c-4c4f-86df-471a950d210f",
"indicator--56e278c4-f6e8-4f16-874e-4397950d210f",
"indicator--56e278c4-d4a4-4ee6-9128-4a02950d210f",
"indicator--56e278c5-4bb4-43ea-a65b-416d950d210f",
"indicator--56e278c5-46e8-40d2-be5c-4a93950d210f",
"indicator--56e278c5-b114-44ec-a6cd-4c79950d210f",
"indicator--56e278c6-e800-48cc-bbea-405a950d210f",
"indicator--56e278c6-37d0-448c-b9ea-42bf950d210f",
"indicator--56e278c6-6ba4-48a5-b1e6-4ec9950d210f",
"indicator--56e278c7-a7e4-4a00-9d40-455c950d210f",
"indicator--56e278c7-270c-4516-83a0-4064950d210f",
"indicator--56e278c7-de84-4d90-a7ff-406d950d210f",
"indicator--56e278c7-04dc-4ab4-8f07-4968950d210f",
"indicator--56e278c8-ab6c-453d-bf52-4b31950d210f",
"indicator--56e278c8-ba88-4275-843d-4cee950d210f",
"indicator--56e278c8-6be4-4ae1-bc6d-4c0c950d210f",
"indicator--56e278c8-0d7c-4e37-8371-478a950d210f",
"indicator--56e278c9-bb38-4baf-a91a-4954950d210f",
"indicator--56e278c9-003c-4e4b-b1c7-40f4950d210f",
"indicator--56e278f9-c8a0-46e5-8fbf-42c302de0b81",
"indicator--56e278fa-d27c-4d27-a92e-44ca02de0b81",
"observed-data--56e278fa-441c-476f-957c-4e3602de0b81",
"url--56e278fa-441c-476f-957c-4e3602de0b81",
"indicator--56e278fa-a620-46b5-8920-460f02de0b81",
"indicator--56e278fb-dfec-403e-b4c4-480502de0b81",
"observed-data--56e278fb-dab8-4b8b-a9f0-46e602de0b81",
"url--56e278fb-dab8-4b8b-a9f0-46e602de0b81",
"indicator--56e278fc-00d0-4f4f-9053-4ce402de0b81",
"indicator--56e278fc-349c-459b-9730-4f5402de0b81",
"observed-data--56e278fc-42cc-4248-94eb-4e8d02de0b81",
"url--56e278fc-42cc-4248-94eb-4e8d02de0b81",
"x-misp-attribute--56e279da-13fc-4dec-9edf-4d3a950d210f",
"x-misp-attribute--56e279da-3ef8-4119-af47-4d13950d210f",
"x-misp-attribute--56e279db-f2ac-462b-b367-4e83950d210f",
"x-misp-attribute--56e279db-c3c4-4a6e-943a-4e8a950d210f",
"x-misp-attribute--56e279db-e2e0-4da8-b121-480f950d210f",
"x-misp-attribute--56e279dc-a5bc-4ff0-96f7-4f07950d210f",
"x-misp-attribute--56e279dc-2934-4ea4-b9a1-4665950d210f",
"x-misp-attribute--56e279dc-9364-441a-ac90-4c73950d210f",
"x-misp-attribute--56e279dc-22b4-404c-889e-4d20950d210f",
"x-misp-attribute--56e279dd-a98c-498e-b022-4534950d210f",
"x-misp-attribute--56e279dd-ac64-460d-adf2-4235950d210f",
"x-misp-attribute--56e279dd-96ec-4326-85f3-44f9950d210f",
"x-misp-attribute--56e279de-0f78-4345-9089-4acd950d210f",
"x-misp-attribute--56e279de-5828-4f06-b8f5-472f950d210f",
"x-misp-attribute--56e279de-d098-4f36-85c4-40d4950d210f",
"x-misp-attribute--56e279de-89d8-49ff-8f55-4fe4950d210f",
"x-misp-attribute--56e279df-5620-4291-96f3-4686950d210f",
"x-misp-attribute--56e279df-c1b4-4007-b496-4de6950d210f",
"x-misp-attribute--56e279df-76a4-4f4b-8890-495a950d210f",
"x-misp-attribute--56e279e0-4c44-4f3b-9cfb-4e15950d210f",
"x-misp-attribute--56e27a07-ca54-42dc-a119-4939950d210f",
"x-misp-attribute--56e27a07-bc18-46f4-8ee4-4cbb950d210f",
"x-misp-attribute--56e27a08-df6c-4313-b53d-4296950d210f",
"x-misp-attribute--56e27a08-05b4-44ea-b739-41b0950d210f",
"x-misp-attribute--56e27a08-25c8-4a34-82da-403b950d210f",
"x-misp-attribute--56e27a08-3474-4431-8b9e-4be9950d210f",
"x-misp-attribute--56e27a09-22bc-4b7c-93ca-42a2950d210f",
"x-misp-attribute--56e27a09-5e58-4a1c-adbb-44a7950d210f",
"x-misp-attribute--56e27a09-f1d0-459c-a04a-45a8950d210f",
"x-misp-attribute--56e27a0a-da80-484d-8dce-44d5950d210f",
"x-misp-attribute--56e27a0a-a650-4d48-999f-4241950d210f",
"x-misp-attribute--56e27a0a-035c-4233-823c-42d7950d210f",
"x-misp-attribute--56e27a0b-f0ec-434f-9b4e-4ead950d210f",
"x-misp-attribute--56e27a0b-7488-4e5c-82ff-47f3950d210f",
"x-misp-attribute--56e27a0b-764c-4d73-8e3f-44fa950d210f",
"x-misp-attribute--56e27a0c-b6d4-47cc-a78e-49f0950d210f",
"x-misp-attribute--56e27a0c-9124-47e6-b099-4d60950d210f",
"x-misp-attribute--56e27a0c-0a70-4754-b71b-4516950d210f",
"x-misp-attribute--56e27a0d-7074-4a52-bb4c-4683950d210f",
"x-misp-attribute--56e27a0d-e7dc-42f1-b981-4add950d210f",
"x-misp-attribute--56e27a0d-7428-4072-aa1d-46ac950d210f",
"x-misp-attribute--56e27a0d-7454-406b-abbf-42f8950d210f",
"x-misp-attribute--56e27a0e-f4ac-407e-b303-4fe0950d210f",
"x-misp-attribute--56e27a0e-8b34-48f6-8ec1-4324950d210f",
"x-misp-attribute--56e27a0e-89b8-4cad-8237-40f2950d210f",
"x-misp-attribute--56e27a0f-b8d4-4554-8b9a-4d3d950d210f",
"x-misp-attribute--56e27a0f-1c84-4950-a37b-47ec950d210f",
"x-misp-attribute--56e27a0f-e574-44c2-9d5a-4d72950d210f",
"x-misp-attribute--56e27a10-8190-4af5-a9d9-43fd950d210f",
"x-misp-attribute--56e27a10-3e50-45e2-8839-4b56950d210f",
"x-misp-attribute--56e27a10-534c-4cf1-9485-44bd950d210f",
"x-misp-attribute--56e27a11-ad18-4619-97bb-41b2950d210f",
"x-misp-attribute--56e27a11-42dc-4b6f-89dd-4d1e950d210f",
"x-misp-attribute--56e27a11-cc50-4199-865b-4579950d210f",
"x-misp-attribute--56e27a12-eb3c-4b0f-b0e1-42be950d210f",
"x-misp-attribute--56e27a12-b248-4f76-a28e-47c2950d210f",
"x-misp-attribute--56e27a12-e714-4ba0-8965-49fb950d210f",
"x-misp-attribute--56e27a13-6410-47a3-82c4-45b2950d210f",
"x-misp-attribute--56e27a13-0918-4c2c-a00e-4a08950d210f",
"x-misp-attribute--56e27a13-7540-43a5-b7d7-4e35950d210f",
"x-misp-attribute--56e27a13-a94c-4404-bf1f-4ffe950d210f",
"x-misp-attribute--56e27a14-3004-4210-a86d-41e7950d210f",
"x-misp-attribute--56e27a14-e254-4dad-8840-4055950d210f",
"x-misp-attribute--56e27a14-77c4-4c0c-836d-4725950d210f",
"x-misp-attribute--56e27a15-ccfc-481e-87f1-487c950d210f",
"x-misp-attribute--56e27a15-8084-448a-8ea8-4352950d210f",
"x-misp-attribute--56e27a15-f720-416b-a3f5-4c84950d210f",
"x-misp-attribute--56e27a15-75f4-4d2d-9b0d-4d7a950d210f",
"x-misp-attribute--56e27a16-ca1c-4679-bdc9-463b950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT",
"circl:topic=\"finance\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e2775a-f118-470e-b9c4-40b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:44:26.000Z",
"modified": "2016-03-11T07:44:26.000Z",
"first_observed": "2016-03-11T07:44:26Z",
"last_observed": "2016-03-11T07:44:26Z",
"number_observed": 1,
"object_refs": [
"url--56e2775a-f118-470e-b9c4-40b8950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e2775a-f118-470e-b9c4-40b8950d210f",
"value": "http://www.welivesecurity.com/2016/03/09/android-trojan-targets-online-banking-users/"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27783-7de4-4139-817b-4c6c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:45:06.000Z",
"modified": "2016-03-11T07:45:06.000Z",
"labels": [
"misp:type=\"comment\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "comment",
"x_misp_value": "Active users of mobile banking apps should be aware of a new Android banking trojan campaign targeting customers of large banks in Australia, New Zealand and Turkey. The banking malware, detected by ESET security products as Android/Spy.Agent.SI, can steal login credentials from 20 mobile banking apps.The list of target banks includes the largest banks in each of the three target countries (A full list can be found in the final section of this article). Thanks to its ability to intercept SMS communications, the malware is also able to bypass SMS-based two-factor authentication."
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e2784e-ca00-428e-853d-4d97950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:48:30.000Z",
"modified": "2016-03-11T07:48:30.000Z",
"description": "C&C servers",
"pattern": "[url:value = 'http://94.198.97.202']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:48:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e2784f-4a50-4b3e-827f-49ff950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:48:31.000Z",
"modified": "2016-03-11T07:48:31.000Z",
"description": "C&C servers",
"pattern": "[url:value = 'http://46.105.95.130']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:48:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e2784f-099c-4867-b685-4217950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:48:31.000Z",
"modified": "2016-03-11T07:48:31.000Z",
"description": "C&C servers",
"pattern": "[url:value = 'http://181.174.164.138']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:48:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e2786e-0afc-462c-a5b4-4e15950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:49:02.000Z",
"modified": "2016-03-11T07:49:02.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.198.97.202']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:49:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e2786e-2888-4e75-bacd-474a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:49:02.000Z",
"modified": "2016-03-11T07:49:02.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.105.95.130']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:49:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e2786f-72b0-4648-8b94-4c55950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:49:03.000Z",
"modified": "2016-03-11T07:49:03.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '181.174.164.138']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:49:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278a5-aa10-4828-8798-4954950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:49:57.000Z",
"modified": "2016-03-11T07:49:57.000Z",
"description": "Malicious link",
"pattern": "[url:value = 'http://flashplayeerupdate.com/download/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:49:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278a5-da3c-4e38-a42d-4ed4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:49:57.000Z",
"modified": "2016-03-11T07:49:57.000Z",
"description": "Malicious link",
"pattern": "[url:value = 'http://adobeflashplaayer.com/download/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:49:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278a5-d85c-4b0b-a582-4c2f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:49:57.000Z",
"modified": "2016-03-11T07:49:57.000Z",
"description": "Malicious link",
"pattern": "[url:value = 'http://adobeuploadplayer.com/download/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:49:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278a6-4000-4fa3-8b61-43e1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:49:58.000Z",
"modified": "2016-03-11T07:49:58.000Z",
"description": "Malicious link",
"pattern": "[url:value = 'http://adobeplayerdownload.com/download/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:49:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278a6-06fc-472c-92c8-49e2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:49:58.000Z",
"modified": "2016-03-11T07:49:58.000Z",
"description": "Malicious link",
"pattern": "[url:value = 'http://adobeupdateplayer.com/download/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:49:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278a6-bfa8-4390-99f6-4f4a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:49:58.000Z",
"modified": "2016-03-11T07:49:58.000Z",
"description": "Malicious link",
"pattern": "[url:value = 'http://adobeupdateplayeer.com/download/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:49:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278a6-7e84-4746-9d81-4967950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:49:58.000Z",
"modified": "2016-03-11T07:49:58.000Z",
"description": "Malicious link",
"pattern": "[url:value = 'http://adobeupdateflash11.com/download/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:49:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c2-5b60-4af6-ae48-420f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:26.000Z",
"modified": "2016-03-11T07:50:26.000Z",
"pattern": "[file:hashes.SHA1 = 'c31e5e31210b08ba07ac6570814473c963a2ef81']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c3-fa54-4408-bcae-4811950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:27.000Z",
"modified": "2016-03-11T07:50:27.000Z",
"pattern": "[file:hashes.SHA1 = '6cad2250eddf7eddf0b4d4e7f0b5d24b647cb728']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c3-1a80-40f3-8770-4a2f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:27.000Z",
"modified": "2016-03-11T07:50:27.000Z",
"pattern": "[file:hashes.SHA1 = '4a788d05dd8849cd60073f15255c166f06611475']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c3-2ffc-4b03-bee6-480b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:27.000Z",
"modified": "2016-03-11T07:50:27.000Z",
"pattern": "[file:hashes.SHA1 = 'ee88d05cf99d8c534fba60d1da9045fb7526343a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c4-7e4c-4c4f-86df-471a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:28.000Z",
"modified": "2016-03-11T07:50:28.000Z",
"pattern": "[file:hashes.SHA1 = '26a2b328f194b6b75b2cc72705dc928a4260b7e7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c4-f6e8-4f16-874e-4397950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:28.000Z",
"modified": "2016-03-11T07:50:28.000Z",
"pattern": "[file:hashes.SHA1 = '4ad1dbb43175a3294a85957e368c89a5e34f7b8c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c4-d4a4-4ee6-9128-4a02950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:28.000Z",
"modified": "2016-03-11T07:50:28.000Z",
"pattern": "[file:hashes.SHA1 = 'db228bb5760bd7054e5e0a408e0c957aac72a89f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c5-4bb4-43ea-a65b-416d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:29.000Z",
"modified": "2016-03-11T07:50:29.000Z",
"pattern": "[file:hashes.SHA1 = '266b572b093db550778ba7824e32d88639b78afc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c5-46e8-40d2-be5c-4a93950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:29.000Z",
"modified": "2016-03-11T07:50:29.000Z",
"pattern": "[file:hashes.SHA1 = 'e4fa83a479642792bc89ca3c1553883066a19b6c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c5-b114-44ec-a6cd-4c79950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:29.000Z",
"modified": "2016-03-11T07:50:29.000Z",
"pattern": "[file:hashes.SHA1 = '644644a30de78ddcd50238b20bf8a70548ff574c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c6-e800-48cc-bbea-405a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:30.000Z",
"modified": "2016-03-11T07:50:30.000Z",
"pattern": "[file:hashes.SHA1 = 'f1aaae29071cbc23c33b4282f1c425124234481c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c6-37d0-448c-b9ea-42bf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:30.000Z",
"modified": "2016-03-11T07:50:30.000Z",
"pattern": "[file:hashes.SHA1 = 'cac078c80ad1ff909cc9970e3ca552a5865c7963']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c6-6ba4-48a5-b1e6-4ec9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:30.000Z",
"modified": "2016-03-11T07:50:30.000Z",
"pattern": "[file:hashes.SHA1 = '1c8d0e7bb733fbceb05c40e0ce26288487655738']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c7-a7e4-4a00-9d40-455c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:31.000Z",
"modified": "2016-03-11T07:50:31.000Z",
"pattern": "[file:hashes.SHA1 = 'fe6ac1915f8c215ecec227da6fb341520d68a9c7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c7-270c-4516-83a0-4064950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:31.000Z",
"modified": "2016-03-11T07:50:31.000Z",
"pattern": "[file:hashes.SHA1 = 'bd394e0e626ce74c938dddf0005c074bc8c5249d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c7-de84-4d90-a7ff-406d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:31.000Z",
"modified": "2016-03-11T07:50:31.000Z",
"pattern": "[file:hashes.SHA1 = 'd7e0afce7d2c4de8182c353c7cba3fac607eafc9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c7-04dc-4ab4-8f07-4968950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:31.000Z",
"modified": "2016-03-11T07:50:31.000Z",
"pattern": "[file:hashes.SHA1 = 'a804e43c3aff3bdaee24f8abf460baa8442f5372']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c8-ab6c-453d-bf52-4b31950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:32.000Z",
"modified": "2016-03-11T07:50:32.000Z",
"pattern": "[file:hashes.SHA1 = '0ef56105cf4dbf1dae1d91ece62fc6c4ff8ad05f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c8-ba88-4275-843d-4cee950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:32.000Z",
"modified": "2016-03-11T07:50:32.000Z",
"pattern": "[file:hashes.SHA1 = '9fd295721c1ff87bc862d19f6195fdde090524d9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c8-6be4-4ae1-bc6d-4c0c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:32.000Z",
"modified": "2016-03-11T07:50:32.000Z",
"pattern": "[file:hashes.SHA1 = '57d0870e68ac1b508bc83f24e8a0ebc624e9b104']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c8-0d7c-4e37-8371-478a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:32.000Z",
"modified": "2016-03-11T07:50:32.000Z",
"pattern": "[file:hashes.SHA1 = '521f9767104c6cbb5489544063fce555b94025a6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c9-bb38-4baf-a91a-4954950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:33.000Z",
"modified": "2016-03-11T07:50:33.000Z",
"pattern": "[file:hashes.SHA1 = 'e5f536408dbb66842d7bb6f0730144fdd877a560']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278c9-003c-4e4b-b1c7-40f4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:50:33.000Z",
"modified": "2016-03-11T07:50:33.000Z",
"pattern": "[file:hashes.SHA1 = '3fa6010874d39b050ca6ca380dad33ca49a8b821']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:50:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278f9-c8a0-46e5-8fbf-42c302de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:51:21.000Z",
"modified": "2016-03-11T07:51:21.000Z",
"description": "- Xchecked via VT: fe6ac1915f8c215ecec227da6fb341520d68a9c7",
"pattern": "[file:hashes.SHA256 = 'fe0e760fbe30b16ddc94ed71d18890d3a0aaec667889184dbcf30f5009ee96e8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:51:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278fa-d27c-4d27-a92e-44ca02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:51:22.000Z",
"modified": "2016-03-11T07:51:22.000Z",
"description": "- Xchecked via VT: fe6ac1915f8c215ecec227da6fb341520d68a9c7",
"pattern": "[file:hashes.MD5 = '4432992fe6034b03ed738ddc44d8065f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:51:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e278fa-441c-476f-957c-4e3602de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:51:22.000Z",
"modified": "2016-03-11T07:51:22.000Z",
"first_observed": "2016-03-11T07:51:22Z",
"last_observed": "2016-03-11T07:51:22Z",
"number_observed": 1,
"object_refs": [
"url--56e278fa-441c-476f-957c-4e3602de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e278fa-441c-476f-957c-4e3602de0b81",
"value": "https://www.virustotal.com/file/fe0e760fbe30b16ddc94ed71d18890d3a0aaec667889184dbcf30f5009ee96e8/analysis/1457552096/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278fa-a620-46b5-8920-460f02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:51:22.000Z",
"modified": "2016-03-11T07:51:22.000Z",
"description": "- Xchecked via VT: 6cad2250eddf7eddf0b4d4e7f0b5d24b647cb728",
"pattern": "[file:hashes.SHA256 = '581cc3af6e73f8a700188655b2b6dcf47a033e86ba8338f781d04061c09c4606']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:51:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278fb-dfec-403e-b4c4-480502de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:51:23.000Z",
"modified": "2016-03-11T07:51:23.000Z",
"description": "- Xchecked via VT: 6cad2250eddf7eddf0b4d4e7f0b5d24b647cb728",
"pattern": "[file:hashes.MD5 = '448f777e77229a2987adf9cf52d58917']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:51:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e278fb-dab8-4b8b-a9f0-46e602de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:51:23.000Z",
"modified": "2016-03-11T07:51:23.000Z",
"first_observed": "2016-03-11T07:51:23Z",
"last_observed": "2016-03-11T07:51:23Z",
"number_observed": 1,
"object_refs": [
"url--56e278fb-dab8-4b8b-a9f0-46e602de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e278fb-dab8-4b8b-a9f0-46e602de0b81",
"value": "https://www.virustotal.com/file/581cc3af6e73f8a700188655b2b6dcf47a033e86ba8338f781d04061c09c4606/analysis/1457552094/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278fc-00d0-4f4f-9053-4ce402de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:51:24.000Z",
"modified": "2016-03-11T07:51:24.000Z",
"description": "- Xchecked via VT: c31e5e31210b08ba07ac6570814473c963a2ef81",
"pattern": "[file:hashes.SHA256 = '8b4b2d8e1f051b3789c3d8f320136f9ebe75ef5f73c0f524e9875601a4ba5a68']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:51:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e278fc-349c-459b-9730-4f5402de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:51:24.000Z",
"modified": "2016-03-11T07:51:24.000Z",
"description": "- Xchecked via VT: c31e5e31210b08ba07ac6570814473c963a2ef81",
"pattern": "[file:hashes.MD5 = '58bc3aa24b3164609ed18d115db90de8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-11T07:51:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e278fc-42cc-4248-94eb-4e8d02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:51:24.000Z",
"modified": "2016-03-11T07:51:24.000Z",
"first_observed": "2016-03-11T07:51:24Z",
"last_observed": "2016-03-11T07:51:24Z",
"number_observed": 1,
"object_refs": [
"url--56e278fc-42cc-4248-94eb-4e8d02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e278fc-42cc-4248-94eb-4e8d02de0b81",
"value": "https://www.virustotal.com/file/8b4b2d8e1f051b3789c3d8f320136f9ebe75ef5f73c0f524e9875601a4ba5a68/analysis/1457552093/"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279da-13fc-4dec-9edf-4d3a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:06.000Z",
"modified": "2016-03-11T07:55:06.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "Westpac"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279da-3ef8-4119-af47-4d13950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:06.000Z",
"modified": "2016-03-11T07:55:06.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "Bendigo Bank"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279db-f2ac-462b-b367-4e83950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:07.000Z",
"modified": "2016-03-11T07:55:07.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "Commonwealth Bank"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279db-c3c4-4a6e-943a-4e8a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:07.000Z",
"modified": "2016-03-11T07:55:07.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "St. George Bank"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279db-e2e0-4da8-b121-480f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:07.000Z",
"modified": "2016-03-11T07:55:07.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "National Australia Bank"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279dc-a5bc-4ff0-96f7-4f07950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:08.000Z",
"modified": "2016-03-11T07:55:08.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "Bankwest"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279dc-2934-4ea4-b9a1-4665950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:08.000Z",
"modified": "2016-03-11T07:55:08.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "Me Bank"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279dc-9364-441a-ac90-4c73950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:08.000Z",
"modified": "2016-03-11T07:55:08.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "ANZ Bank"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279dc-22b4-404c-889e-4d20950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:08.000Z",
"modified": "2016-03-11T07:55:08.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "ASB Bank"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279dd-a98c-498e-b022-4534950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:09.000Z",
"modified": "2016-03-11T07:55:09.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "Bank of New Zealand"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279dd-ac64-460d-adf2-4235950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:09.000Z",
"modified": "2016-03-11T07:55:09.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "Kiwibank"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279dd-96ec-4326-85f3-44f9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:09.000Z",
"modified": "2016-03-11T07:55:09.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "Wells Fargo"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279de-0f78-4345-9089-4acd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:10.000Z",
"modified": "2016-03-11T07:55:10.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "Halkbank"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279de-5828-4f06-b8f5-472f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:10.000Z",
"modified": "2016-03-11T07:55:10.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "Yap\u00c4\u00b1 Kredi Bank"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279de-d098-4f36-85c4-40d4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:10.000Z",
"modified": "2016-03-11T07:55:10.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "Vak\u00c4\u00b1fBank"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279de-89d8-49ff-8f55-4fe4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:10.000Z",
"modified": "2016-03-11T07:55:10.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "Garanti Bank"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279df-5620-4291-96f3-4686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:11.000Z",
"modified": "2016-03-11T07:55:11.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "Akbank"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279df-c1b4-4007-b496-4de6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:11.000Z",
"modified": "2016-03-11T07:55:11.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "Finansbank"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279df-76a4-4f4b-8890-495a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:11.000Z",
"modified": "2016-03-11T07:55:11.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "T\u00c3\u00bcrkiye \u00c4\u00b0\u00c5\u0178 Bankas\u00c4\u00b1"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e279e0-4c44-4f3b-9cfb-4e15950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:12.000Z",
"modified": "2016-03-11T07:55:12.000Z",
"labels": [
"misp:type=\"target-user\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted banks",
"x_misp_type": "target-user",
"x_misp_value": "Ziraat Bankas\u00c4\u00b1"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a07-ca54-42dc-a119-4939950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:51.000Z",
"modified": "2016-03-11T07:55:51.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "org.westpac.bank"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a07-bc18-46f4-8ee4-4cbb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:51.000Z",
"modified": "2016-03-11T07:55:51.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.westpac.cashtank"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a08-df6c-4313-b53d-4296950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:52.000Z",
"modified": "2016-03-11T07:55:52.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "au.com.westpac.onlineinvesting"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a08-05b4-44ea-b739-41b0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:52.000Z",
"modified": "2016-03-11T07:55:52.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "org.banking.westpac.payway"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a08-25c8-4a34-82da-403b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:52.000Z",
"modified": "2016-03-11T07:55:52.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.rev.mobilebanking.westpac"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a08-3474-4431-8b9e-4be9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:52.000Z",
"modified": "2016-03-11T07:55:52.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.westpac.illuminate"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a09-22bc-4b7c-93ca-42a2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:53.000Z",
"modified": "2016-03-11T07:55:53.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.bendigobank.mobile"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a09-5e58-4a1c-adbb-44a7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:53.000Z",
"modified": "2016-03-11T07:55:53.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.commbank.netbank"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a09-f1d0-459c-a04a-45a8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:53.000Z",
"modified": "2016-03-11T07:55:53.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "org.stgeorge.bank"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a0a-da80-484d-8dce-44d5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:54.000Z",
"modified": "2016-03-11T07:55:54.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "au.com.nab.mobile"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a0a-a650-4d48-999f-4241950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:54.000Z",
"modified": "2016-03-11T07:55:54.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "au.com.bankwest.mobile"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a0a-035c-4233-823c-42d7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:54.000Z",
"modified": "2016-03-11T07:55:54.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.akbank.android.apps.akbank_direkt"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a0b-f0ec-434f-9b4e-4ead950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:55.000Z",
"modified": "2016-03-11T07:55:55.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.finansbank.mobile.cepsube"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a0b-7488-4e5c-82ff-47f3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:55.000Z",
"modified": "2016-03-11T07:55:55.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "finansbank.enpara"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a0b-764c-4d73-8e3f-44fa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:55.000Z",
"modified": "2016-03-11T07:55:55.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.pozitron.iscep"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a0c-b6d4-47cc-a78e-49f0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:56.000Z",
"modified": "2016-03-11T07:55:56.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.wf.wellsfargomobile"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a0c-9124-47e6-b099-4d60950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:56.000Z",
"modified": "2016-03-11T07:55:56.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.wf.wellsfargomobile.tablet"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a0c-0a70-4754-b71b-4516950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:56.000Z",
"modified": "2016-03-11T07:55:56.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.wellsFargo.ceomobile"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a0d-7074-4a52-bb4c-4683950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:57.000Z",
"modified": "2016-03-11T07:55:57.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.wellsfargo.mobile.merchant"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a0d-e7dc-42f1-b981-4add950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:57.000Z",
"modified": "2016-03-11T07:55:57.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.tmobtech.halkbank"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a0d-7428-4072-aa1d-46ac950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:57.000Z",
"modified": "2016-03-11T07:55:57.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.ziraat.ziraatmobil"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a0d-7454-406b-abbf-42f8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:57.000Z",
"modified": "2016-03-11T07:55:57.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "au.com.mebank.banking"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a0e-f4ac-407e-b303-4fe0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:58.000Z",
"modified": "2016-03-11T07:55:58.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.anz.android.gomoney"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a0e-8b34-48f6-8ec1-4324950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:58.000Z",
"modified": "2016-03-11T07:55:58.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "nz.co.anz.android.mobilebanking"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a0e-89b8-4cad-8237-40f2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:58.000Z",
"modified": "2016-03-11T07:55:58.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "nz.co.westpac"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a0f-b8d4-4554-8b9a-4d3d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:59.000Z",
"modified": "2016-03-11T07:55:59.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "nz.co.asb.asbmobile"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a0f-1c84-4950-a37b-47ec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:59.000Z",
"modified": "2016-03-11T07:55:59.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "nz.co.bnz.droidbanking"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a0f-e574-44c2-9d5a-4d72950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:55:59.000Z",
"modified": "2016-03-11T07:55:59.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "nz.co.kiwibank.mobile"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a10-8190-4af5-a9d9-43fd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:00.000Z",
"modified": "2016-03-11T07:56:00.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.ykb.android"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a10-3e50-45e2-8839-4b56950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:00.000Z",
"modified": "2016-03-11T07:56:00.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.vakifbank.mobile"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a10-534c-4cf1-9485-44bd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:00.000Z",
"modified": "2016-03-11T07:56:00.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.garanti.cepsubesi"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a11-ad18-4619-97bb-41b2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:01.000Z",
"modified": "2016-03-11T07:56:01.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "biz.mobinex.android.apps.cep_sifrematik"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a11-42dc-4b6f-89dd-4d1e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:01.000Z",
"modified": "2016-03-11T07:56:01.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.paypal.android.p2pmobile"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a11-cc50-4199-865b-4579950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:01.000Z",
"modified": "2016-03-11T07:56:01.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.ebay.mobile"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a12-eb3c-4b0f-b0e1-42be950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:02.000Z",
"modified": "2016-03-11T07:56:02.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.skype.raider"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a12-b248-4f76-a28e-47c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:02.000Z",
"modified": "2016-03-11T07:56:02.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.whatsapp"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a12-e714-4ba0-8965-49fb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:02.000Z",
"modified": "2016-03-11T07:56:02.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.google.android.googlequicksearchbox"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a13-6410-47a3-82c4-45b2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:03.000Z",
"modified": "2016-03-11T07:56:03.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.android.vending"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a13-0918-4c2c-a00e-4a08950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:03.000Z",
"modified": "2016-03-11T07:56:03.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.google.android.music"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a13-7540-43a5-b7d7-4e35950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:03.000Z",
"modified": "2016-03-11T07:56:03.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.google.android.apps.plus"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a13-a94c-4404-bf1f-4ffe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:03.000Z",
"modified": "2016-03-11T07:56:03.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.android.chrome"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a14-3004-4210-a86d-41e7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:04.000Z",
"modified": "2016-03-11T07:56:04.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.google.android.apps.maps"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a14-e254-4dad-8840-4055950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:04.000Z",
"modified": "2016-03-11T07:56:04.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.google.android.youtube"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a14-77c4-4c0c-836d-4725950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:04.000Z",
"modified": "2016-03-11T07:56:04.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.google.android.apps.photos"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a15-ccfc-481e-87f1-487c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:05.000Z",
"modified": "2016-03-11T07:56:05.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.google.android.apps.books"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a15-8084-448a-8ea8-4352950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:05.000Z",
"modified": "2016-03-11T07:56:05.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.google.android.apps.docs"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a15-f720-416b-a3f5-4c84950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:05.000Z",
"modified": "2016-03-11T07:56:05.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.google.android.apps.docs.editors.docs"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a15-75f4-4d2d-9b0d-4d7a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:05.000Z",
"modified": "2016-03-11T07:56:05.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.google.android.videos"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--56e27a16-ca1c-4679-bdc9-463b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-11T07:56:06.000Z",
"modified": "2016-03-11T07:56:06.000Z",
"labels": [
"misp:type=\"target-machine\"",
"misp:category=\"Targeting data\""
],
"x_misp_category": "Targeting data",
"x_misp_comment": "Targeted package names",
"x_misp_type": "target-machine",
"x_misp_value": "com.google.android.gm"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
]
}
Reference in a new issue Copy permalink