adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/591bfbca-a168-4ca0-b1d8-4c14950d210f.json

2413 lines
97 KiB
JSON
Raw Normal View History

chg: [feed] added
2023-04-21 13:25:09 +00:00
{
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"type": "bundle",
"id": "bundle--591bfbca-a168-4ca0-b1d8-4c14950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--591bfbca-a168-4ca0-b1d8-4c14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"name": "2017-05-15 Malspam 00_Invoice_###.PDF",
"published": "2017-05-17T09:52:41Z",
"object_refs": [
"indicator--591bfbcc-a984-46ea-86ac-4f84950d210f",
"indicator--591bfbd2-bd58-4095-8336-4d11950d210f",
"indicator--591bfbd8-03c4-4aa1-a483-4e96950d210f",
"indicator--591bfbda-f3dc-442a-945f-4b5e950d210f",
"indicator--591bfbdc-e530-43bf-a794-4f68950d210f",
"indicator--591bfbde-3914-450d-ae96-4dcc950d210f",
"indicator--591bfbdf-8790-4ddf-bc34-4257950d210f",
"indicator--591bfbe2-b958-4cf0-b397-4dda950d210f",
"indicator--591bfbe3-a02c-439a-ad26-4372950d210f",
"indicator--591bfbe4-b31c-40f1-9935-4641950d210f",
"indicator--591bfbe6-2f64-45e4-b8a7-4ae3950d210f",
"indicator--591bfbe7-4370-4b8f-83f6-499e950d210f",
"indicator--591bfbe8-450c-4ca2-a711-4474950d210f",
"indicator--591bfbea-f978-48f0-a750-4eeb950d210f",
"indicator--591bfbeb-e6bc-49a8-9d28-4803950d210f",
"indicator--591bfbec-0950-4b49-a66c-44de950d210f",
"indicator--591bfbee-579c-42f8-95ef-46f4950d210f",
"indicator--591bfbef-6148-4d0c-ab4f-4106950d210f",
"indicator--591bfbf0-7268-4064-83a3-4099950d210f",
"indicator--591bfbf4-3f44-47a2-83e3-4523950d210f",
"indicator--591bfbf6-fd4c-4961-9ada-4a13950d210f",
"indicator--591bfbf8-ec8c-4f14-8618-4836950d210f",
"indicator--591bfbf9-ba14-4815-9abb-4309950d210f",
"indicator--591bfbfb-88e0-4248-afa2-4f3a950d210f",
"indicator--591bfbfd-c4fc-449a-8dfc-4779950d210f",
"indicator--591bfbfe-b614-4ea7-8d8c-4fb7950d210f",
"indicator--591bfc00-2fb0-4cdd-83a0-45b6950d210f",
"indicator--591bfc02-dc44-47c6-a586-4d98950d210f",
"indicator--591bfc03-8bf4-40d3-bde0-4101950d210f",
"indicator--591bfc05-0628-48b3-925c-48b7950d210f",
"indicator--591bfc06-b21c-41e4-9ddc-4f8f950d210f",
"indicator--591bfc08-2f14-40c1-9767-4a8b950d210f",
"indicator--591bfc09-c4dc-4a59-b112-41a5950d210f",
"indicator--591bfc0c-6368-4a38-94ae-4e48950d210f",
"indicator--591bfc0e-f68c-4639-a69c-45e5950d210f",
"indicator--591bfc0f-3174-4917-a11b-4662950d210f",
"indicator--591bfc11-00a4-439a-adff-4690950d210f",
"indicator--591bfc14-fbb4-4e10-ac3f-4e9f950d210f",
"indicator--591bfc15-2f80-4f92-80db-4f0d950d210f",
"indicator--591bfc17-14ac-4e03-9bb3-41ca950d210f",
"indicator--591bfc19-0414-42b4-899e-43b1950d210f",
"indicator--591bfc1b-a748-48cb-8db5-4295950d210f",
"indicator--591bfc1e-f5f8-446f-baf4-4684950d210f",
"indicator--591bfc20-f7e0-47a4-b1a5-4982950d210f",
"indicator--591bfc22-0090-4c3e-8442-43f5950d210f",
"indicator--591bfc23-be98-4f21-8f80-4bc4950d210f",
"indicator--591bfc25-d26c-4237-9831-4a0c950d210f",
"indicator--591bfc27-d848-4100-882b-4c62950d210f",
"indicator--591bfc2a-b130-4ab8-9334-4691950d210f",
"indicator--591bfc2b-0628-4a9a-afe4-454e950d210f",
"indicator--591bfc2d-0e90-40a9-a559-4bfc950d210f",
"indicator--591bfc2f-1b5c-4d2d-8172-44d9950d210f",
"indicator--591bfc32-5410-4413-a5ec-40b4950d210f",
"indicator--591bfc33-582c-4087-b030-468c950d210f",
"indicator--591bfc36-e094-455c-ad6c-4111950d210f",
"indicator--591bfc38-bda4-49d8-9539-435e950d210f",
"indicator--591bfc39-8e88-45c4-b1d7-45e7950d210f",
"indicator--591bfc3c-2818-4165-a56f-4221950d210f",
"indicator--591bfc3e-ec5c-46e7-bfc4-4f5c950d210f",
"indicator--591bfc40-2c5c-42d2-a9bc-4441950d210f",
"indicator--591bfc42-cbc0-4298-ac6d-4e2b950d210f",
"indicator--591bfc44-b68c-405f-a3e2-4dd8950d210f",
"indicator--591bfc46-e8a4-4af9-9663-418e950d210f",
"indicator--591bfc48-53bc-4736-ad7d-4203950d210f",
"indicator--591bfc4a-e1a4-4b6c-b88f-4613950d210f",
"indicator--591bfc4c-7880-4a0c-bd40-448e950d210f",
"indicator--591bfc50-9d18-4641-9a25-4493950d210f",
"indicator--591bfc53-08b0-42a2-8fcd-4aa7950d210f",
"indicator--591bfc55-5064-4b3a-b114-4ad0950d210f",
"indicator--591bfc57-04a8-491a-86ae-4256950d210f",
"indicator--591bfc5a-d1cc-4427-8813-4b27950d210f",
"indicator--591bfc5d-9748-48e6-b4ff-46e4950d210f",
"indicator--591bfc5f-c590-458e-9243-4667950d210f",
"indicator--591bfc61-fd94-4a8d-ae51-4d2f950d210f",
"indicator--591bfc64-e7ec-4857-a131-4c12950d210f",
"indicator--591bfc66-d01c-4b9b-8b83-436e950d210f",
"indicator--591bfc68-13d0-4336-93ce-4b5b950d210f",
"indicator--591bfc6a-be54-4d9e-a0c3-4873950d210f",
"indicator--591bfc6d-d174-4fe2-9e1c-4245950d210f",
"indicator--591bfc6f-0b8c-46eb-a0f0-4689950d210f",
"indicator--591bfca0-dbf8-431f-8b6d-43b6950d210f",
"indicator--591bfca6-92e4-4098-983b-4d9f950d210f",
"indicator--591bfcae-b39c-4330-9d16-4705950d210f",
"indicator--591bfcb5-adf8-46b9-9da1-46ea950d210f",
"indicator--591bfcbb-ef40-4919-bb0a-4a49950d210f",
"observed-data--591bfcc2-32c0-46fc-9c4f-471e950d210f",
"url--591bfcc2-32c0-46fc-9c4f-471e950d210f",
"observed-data--591bfcc4-1248-4932-8aba-4351950d210f",
"url--591bfcc4-1248-4932-8aba-4351950d210f",
"observed-data--591bfcc7-1e10-492b-a57d-43ed950d210f",
"url--591bfcc7-1e10-492b-a57d-43ed950d210f",
"indicator--591bfcc9-de70-45ac-9998-4997950d210f",
"indicator--591bfcce-a7c4-4f4b-8071-491f950d210f",
"indicator--591c0d02-622c-403e-a092-4e5d02de0b81",
"observed-data--591c0d02-2ac0-4ef2-9491-49af02de0b81",
"url--591c0d02-2ac0-4ef2-9491-49af02de0b81",
"indicator--591c0d02-8dec-4783-8010-485302de0b81",
"observed-data--591c0d03-3760-4207-85b3-477602de0b81",
"url--591c0d03-3760-4207-85b3-477602de0b81",
"indicator--591c0d03-7a34-4e05-b3e1-44a402de0b81",
"indicator--591c0d04-f690-4ae7-baf0-457c02de0b81",
"observed-data--591c0d04-a760-4f1e-89e8-462202de0b81",
"url--591c0d04-a760-4f1e-89e8-462202de0b81"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"misp-galaxy:ransomware=\"Jaff\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbcc-a984-46ea-86ac-4f84950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[file:hashes.MD5 = '133fe54c189f9fd793babf879179b068']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbd2-bd58-4095-8336-4d11950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[file:hashes.MD5 = 'f5ebb00e1fb9bbcfe5ae742082e2002f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbd8-03c4-4aa1-a483-4e96950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[file:hashes.MD5 = 'eb680f46c268e6eac359b574538de569']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbda-f3dc-442a-945f-4b5e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[file:hashes.SHA256 = '5968b7a89e5d1db8447b5343f20362ab713551a94226fb905fff7a067c770c79']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbdc-e530-43bf-a794-4f68950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[file:hashes.SHA256 = '46ee7490b657edfbcbd6ebc2070548e2eb72bda3a054cf60fd7627345bd0575b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbde-3914-450d-ae96-4dcc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://5hdnnd74fffrottd.com/af/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbdf-8790-4ddf-bc34-4257950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = '5hdnnd74fffrottd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbe2-b958-4cf0-b397-4dda950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "5hdnnd74fffrottd.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '34.209.214.237']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbe3-a02c-439a-ad26-4372950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://bianshop.com/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbe4-b31c-40f1-9935-4641950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'bianshop.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbe6-2f64-45e4-b8a7-4ae3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "bianshop.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '112.78.6.183']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbe7-4370-4b8f-83f6-499e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://bizcleaning.co.uk/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbe8-450c-4ca2-a711-4474950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'bizcleaning.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbea-f978-48f0-a750-4eeb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "bizcleaning.co.uk",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '160.153.162.140']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbeb-e6bc-49a8-9d28-4803950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://boolas.com/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbec-0950-4b49-a66c-44de950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'boolas.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbee-579c-42f8-95ef-46f4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "boolas.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.24.219.110']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbef-6148-4d0c-ab4f-4106950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://byydei74fg43ff4f.net/af/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbf0-7268-4064-83a3-4099950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'byydei74fg43ff4f.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbf4-3f44-47a2-83e3-4523950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://dcfarbicka.sk/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbf6-fd4c-4961-9ada-4a13950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'dcfarbicka.sk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbf8-ec8c-4f14-8618-4836950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "dcfarbicka.sk",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.10.105.54']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbf9-ba14-4815-9abb-4309950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://diasgroup.sk/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbfb-88e0-4248-afa2-4f3a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'diasgroup.sk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbfd-c4fc-449a-8dfc-4779950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "diasgroup.sk",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.248.29.38']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfbfe-b614-4ea7-8d8c-4fb7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://djkammerthal.de/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc00-2fb0-4cdd-83a0-45b6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'djkammerthal.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc02-dc44-47c6-a586-4d98950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "djkammerthal.de",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.169.145.161']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc03-8bf4-40d3-bde0-4101950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://dovahosting.com/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc05-0628-48b3-925c-48b7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'dovahosting.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc06-b21c-41e4-9ddc-4f8f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "dovahosting.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.70.44.106']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc08-2f14-40c1-9767-4a8b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://dsintergrated.com/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc09-c4dc-4a59-b112-41a5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'dsintergrated.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc0c-6368-4a38-94ae-4e48950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "dsintergrated.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '116.0.121.220']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc0e-f68c-4639-a69c-45e5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://ecbuyjp.com/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc0f-3174-4917-a11b-4662950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'ecbuyjp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc11-00a4-439a-adff-4690950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "ecbuyjp.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '47.91.145.254']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc14-fbb4-4e10-ac3f-4e9f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://ecuamiaflowers.com/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc15-2f80-4f92-80db-4f0d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'ecuamiaflowers.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc17-14ac-4e03-9bb3-41ca950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "ecuamiaflowers.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.180.14.32']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc19-0414-42b4-899e-43b1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://energybalancecenter.nl/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc1b-a748-48cb-8db5-4295950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'energybalancecenter.nl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc1e-f5f8-446f-baf4-4684950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "energybalancecenter.nl",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.46.162.14']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc20-f7e0-47a4-b1a5-4982950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://fotografikum.com/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc22-0090-4c3e-8442-43f5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'fotografikum.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc23-be98-4f21-8f80-4bc4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "fotografikum.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.2.31.189']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc25-d26c-4237-9831-4a0c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://hncdc.org/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc27-d848-4100-882b-4c62950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'hncdc.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc2a-b130-4ab8-9334-4691950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "hncdc.org",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '61.191.55.24']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc2b-0628-4a9a-afe4-454e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://hrlpk.com/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc2d-0e90-40a9-a559-4bfc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'hrlpk.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc2f-1b5c-4d2d-8172-44d9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "hrlpk.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '203.124.43.229']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc32-5410-4413-a5ec-40b4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://oyasinsaat.com.tr/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc33-582c-4087-b030-468c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'oyasinsaat.com.tr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc36-e094-455c-ad6c-4111950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "oyasinsaat.com.tr",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.73.148.80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc38-bda4-49d8-9539-435e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://phoicanh3d.com/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc39-8e88-45c4-b1d7-45e7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'phoicanh3d.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc3c-2818-4165-a56f-4221950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "phoicanh3d.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.64.147.39']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc3e-ec5c-46e7-bfc4-4f5c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://ppapmoozamiz.com/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc40-2c5c-42d2-a9bc-4441950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'ppapmoozamiz.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc42-cbc0-4298-ac6d-4e2b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "ppapmoozamiz.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '166.62.27.56']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc44-b68c-405f-a3e2-4dd8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://rooana.com/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc46-e8a4-4af9-9663-418e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'rooana.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc48-53bc-4736-ad7d-4203950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "rooana.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.177.135.222']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc4a-e1a4-4b6c-b88f-4613950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://sjffonrvcik45bd.info/af/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc4c-7880-4a0c-bd40-448e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'sjffonrvcik45bd.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc50-9d18-4641-9a25-4493950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://tutmacli.com/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc53-08b0-42a2-8fcd-4aa7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'tutmacli.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc55-5064-4b3a-b114-4ad0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "tutmacli.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '93.89.224.41']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc57-04a8-491a-86ae-4256950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://urachart.com/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc5a-d1cc-4427-8813-4b27950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'urachart.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc5d-9748-48e6-b4ff-46e4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "urachart.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '203.170.192.184']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc5f-c590-458e-9243-4667950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://vasroc.pt/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc61-fd94-4a8d-ae51-4d2f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'vasroc.pt']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc64-e7ec-4857-a131-4c12950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "vasroc.pt",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.26.241.3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc66-d01c-4b9b-8b83-436e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://vbplan.de/hHGFjd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc68-13d0-4336-93ce-4b5b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'vbplan.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc6a-be54-4d9e-a0c3-4873950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"description": "vbplan.de",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.169.145.156']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc6d-d174-4fe2-9e1c-4245950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://h552terriddows.com/a5/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfc6f-0b8c-46eb-a0f0-4689950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[domain-name:value = 'h552terriddows.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfca0-dbf8-431f-8b6d-43b6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'urachart.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfca6-92e4-4098-983b-4d9f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'fotografikum.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfcae-b39c-4330-9d16-4705950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = '5hdnnd74fffrottd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfcb5-adf8-46b9-9da1-46ea950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'byydei74fg43ff4f.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfcbb-ef40-4919-bb0a-4a49950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'sjffonrvcik45bd.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--591bfcc2-32c0-46fc-9c4f-471e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"first_observed": "2017-05-17T08:41:58Z",
"last_observed": "2017-05-17T08:41:58Z",
"number_observed": 1,
"object_refs": [
"url--591bfcc2-32c0-46fc-9c4f-471e950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--591bfcc2-32c0-46fc-9c4f-471e950d210f",
"value": "https://www.virustotal.com/en/file/5968b7a89e5d1db8447b5343f20362ab713551a94226fb905fff7a067c770c79/analysis/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--591bfcc4-1248-4932-8aba-4351950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"first_observed": "2017-05-17T08:41:58Z",
"last_observed": "2017-05-17T08:41:58Z",
"number_observed": 1,
"object_refs": [
"url--591bfcc4-1248-4932-8aba-4351950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--591bfcc4-1248-4932-8aba-4351950d210f",
"value": "https://www.virustotal.com/en/file/46ee7490b657edfbcbd6ebc2070548e2eb72bda3a054cf60fd7627345bd0575b/analysis/1494844171/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--591bfcc7-1e10-492b-a57d-43ed950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"first_observed": "2017-05-17T08:41:58Z",
"last_observed": "2017-05-17T08:41:58Z",
"number_observed": 1,
"object_refs": [
"url--591bfcc7-1e10-492b-a57d-43ed950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--591bfcc7-1e10-492b-a57d-43ed950d210f",
"value": "https://www.hybrid-analysis.com/sample/5968b7a89e5d1db8447b5343f20362ab713551a94226fb905fff7a067c770c79?environmentId=100"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfcc9-de70-45ac-9998-4997950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'http://urachart']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591bfcce-a7c4-4f4b-8071-491f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:41:58.000Z",
"modified": "2017-05-17T08:41:58.000Z",
"pattern": "[url:value = 'h552terriddows.com/a5/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591c0d02-622c-403e-a092-4e5d02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:42:42.000Z",
"modified": "2017-05-17T08:42:42.000Z",
"description": "- Xchecked via VT: 46ee7490b657edfbcbd6ebc2070548e2eb72bda3a054cf60fd7627345bd0575b",
"pattern": "[file:hashes.SHA1 = '1a27d6090a49faffc06a5df91b5fe626ab9c3bfe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:42:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--591c0d02-2ac0-4ef2-9491-49af02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:42:42.000Z",
"modified": "2017-05-17T08:42:42.000Z",
"first_observed": "2017-05-17T08:42:42Z",
"last_observed": "2017-05-17T08:42:42Z",
"number_observed": 1,
"object_refs": [
"url--591c0d02-2ac0-4ef2-9491-49af02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--591c0d02-2ac0-4ef2-9491-49af02de0b81",
"value": "https://www.virustotal.com/file/46ee7490b657edfbcbd6ebc2070548e2eb72bda3a054cf60fd7627345bd0575b/analysis/1495009140/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591c0d02-8dec-4783-8010-485302de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:42:42.000Z",
"modified": "2017-05-17T08:42:42.000Z",
"description": "- Xchecked via VT: 5968b7a89e5d1db8447b5343f20362ab713551a94226fb905fff7a067c770c79",
"pattern": "[file:hashes.SHA1 = '3f0854a535979bbf7f992850e3cc0d9e6f1401ca']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:42:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--591c0d03-3760-4207-85b3-477602de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:42:43.000Z",
"modified": "2017-05-17T08:42:43.000Z",
"first_observed": "2017-05-17T08:42:43Z",
"last_observed": "2017-05-17T08:42:43Z",
"number_observed": 1,
"object_refs": [
"url--591c0d03-3760-4207-85b3-477602de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--591c0d03-3760-4207-85b3-477602de0b81",
"value": "https://www.virustotal.com/file/5968b7a89e5d1db8447b5343f20362ab713551a94226fb905fff7a067c770c79/analysis/1494954523/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591c0d03-7a34-4e05-b3e1-44a402de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:42:43.000Z",
"modified": "2017-05-17T08:42:43.000Z",
"description": "- Xchecked via VT: f5ebb00e1fb9bbcfe5ae742082e2002f",
"pattern": "[file:hashes.SHA256 = '41bce3e382cee06aa65fbee15fd38f7187fb090d5da78d868f57c84197689287']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:42:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--591c0d04-f690-4ae7-baf0-457c02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:42:44.000Z",
"modified": "2017-05-17T08:42:44.000Z",
"description": "- Xchecked via VT: f5ebb00e1fb9bbcfe5ae742082e2002f",
"pattern": "[file:hashes.SHA1 = '83edee74728aa231cb77d62a442fa560c64ecdee']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-17T08:42:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--591c0d04-a760-4f1e-89e8-462202de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-17T08:42:44.000Z",
"modified": "2017-05-17T08:42:44.000Z",
"first_observed": "2017-05-17T08:42:44Z",
"last_observed": "2017-05-17T08:42:44Z",
"number_observed": 1,
"object_refs": [
"url--591c0d04-a760-4f1e-89e8-462202de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--591c0d04-a760-4f1e-89e8-462202de0b81",
"value": "https://www.virustotal.com/file/41bce3e382cee06aa65fbee15fd38f7187fb090d5da78d868f57c84197689287/analysis/1494990394/"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
]
}
Reference in a new issue Copy permalink