misp-circl-feed/feeds/circl/misp/59318aac-4e04-4616-9682-43ff950d210f.json

1710 lines
68 KiB
JSON
Raw Normal View History

2023-04-21 13:25:09 +00:00
{
2023-06-14 17:31:25 +00:00
"type": "bundle",
"id": "bundle--59318aac-4e04-4616-9682-43ff950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:58:31.000Z",
"modified": "2017-06-02T15:58:31.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--59318aac-4e04-4616-9682-43ff950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:58:31.000Z",
"modified": "2017-06-02T15:58:31.000Z",
"name": "M2M - Jaff 2017-06-02 : \"Invoice INV-1234\" - \"Invoice INV-1234.pdf\"",
"published": "2017-06-02T15:58:47Z",
"object_refs": [
"indicator--59318aad-9c84-42d9-b8e2-ba67950d210f",
"indicator--59318aad-2dbc-4185-8a26-42ec950d210f",
"indicator--59318aae-f558-4a98-85c5-bae1950d210f",
"indicator--59318aaf-26cc-4c74-bfe7-bb84950d210f",
"observed-data--59318aaf-71bc-4df0-b19c-4676950d210f",
"network-traffic--59318aaf-71bc-4df0-b19c-4676950d210f",
"ipv4-addr--59318aaf-71bc-4df0-b19c-4676950d210f",
"indicator--59318ab0-67b4-4200-988a-4b12950d210f",
"indicator--59318ab1-0da4-441c-b0e0-43bd950d210f",
"observed-data--59318ab2-03c8-4097-af86-415e950d210f",
"network-traffic--59318ab2-03c8-4097-af86-415e950d210f",
"ipv4-addr--59318ab2-03c8-4097-af86-415e950d210f",
"indicator--59318ab4-e24c-465a-af2e-bb1d950d210f",
"indicator--59318ab5-c09c-4b4f-bd1b-40da950d210f",
"observed-data--59318ab7-52d0-4ba6-8bf7-4616950d210f",
"network-traffic--59318ab7-52d0-4ba6-8bf7-4616950d210f",
"ipv4-addr--59318ab7-52d0-4ba6-8bf7-4616950d210f",
"indicator--59318ab8-4cf8-4748-b7c9-4a0d950d210f",
"indicator--59318ab9-2a0c-4603-95e3-ba67950d210f",
"observed-data--59318aba-877c-45f4-92c3-4074950d210f",
"network-traffic--59318aba-877c-45f4-92c3-4074950d210f",
"ipv4-addr--59318aba-877c-45f4-92c3-4074950d210f",
"indicator--59318abc-0368-4fb0-8101-49ed950d210f",
"indicator--59318abc-73ec-4a13-b070-bae1950d210f",
"observed-data--59318abd-3424-4567-bb19-bb84950d210f",
"network-traffic--59318abd-3424-4567-bb19-bb84950d210f",
"ipv4-addr--59318abd-3424-4567-bb19-bb84950d210f",
"indicator--59318abe-fff4-4ccc-9101-4ec8950d210f",
"indicator--59318abe-438c-471b-a62e-443d950d210f",
"observed-data--59318abf-4e34-4b4b-8083-44e3950d210f",
"network-traffic--59318abf-4e34-4b4b-8083-44e3950d210f",
"ipv4-addr--59318abf-4e34-4b4b-8083-44e3950d210f",
"indicator--59318ac0-5194-44d8-9b78-4e37950d210f",
"indicator--59318ac0-e094-4c70-9738-4ef2950d210f",
"observed-data--59318ac1-6260-4873-9be7-456d950d210f",
"network-traffic--59318ac1-6260-4873-9be7-456d950d210f",
"ipv4-addr--59318ac1-6260-4873-9be7-456d950d210f",
"indicator--59318ac2-6814-407a-9008-bb1d950d210f",
"indicator--59318ac2-7074-4b26-881c-1b5b950d210f",
"observed-data--59318ac3-4374-4076-b502-42dd950d210f",
"network-traffic--59318ac3-4374-4076-b502-42dd950d210f",
"ipv4-addr--59318ac3-4374-4076-b502-42dd950d210f",
"indicator--59318ac3-a618-4d43-a0ba-1b03950d210f",
"indicator--59318ac4-148c-4ae5-9369-49da950d210f",
"observed-data--59318ac7-f610-48ff-9c91-ba67950d210f",
"network-traffic--59318ac7-f610-48ff-9c91-ba67950d210f",
"ipv4-addr--59318ac7-f610-48ff-9c91-ba67950d210f",
"indicator--59318ac8-2d04-419c-b163-46fe950d210f",
"indicator--59318ac8-f2f4-48e2-ad99-6559950d210f",
"observed-data--59318ac9-6e6c-4355-b30f-4228950d210f",
"network-traffic--59318ac9-6e6c-4355-b30f-4228950d210f",
"ipv4-addr--59318ac9-6e6c-4355-b30f-4228950d210f",
"indicator--59318ac9-82a0-45b8-856b-bae1950d210f",
"indicator--59318aca-2b78-4a03-bb75-bb84950d210f",
"indicator--59318acc-bb4c-41fc-9e55-475c950d210f",
"indicator--59318acc-dbe0-48e3-9d15-435b950d210f",
"observed-data--59318acd-5a20-4344-a4da-499f950d210f",
"network-traffic--59318acd-5a20-4344-a4da-499f950d210f",
"ipv4-addr--59318acd-5a20-4344-a4da-499f950d210f",
"indicator--59318ace-f694-4699-a4b6-4fd8950d210f",
"indicator--59318ace-2648-4358-b884-bb1d950d210f",
"observed-data--59318acf-03f8-4cf4-8785-4c58950d210f",
"network-traffic--59318acf-03f8-4cf4-8785-4c58950d210f",
"ipv4-addr--59318acf-03f8-4cf4-8785-4c58950d210f",
"indicator--59318ad1-48a0-41db-951d-1b03950d210f",
"indicator--59318ad2-7e48-4aef-89a3-4ecf950d210f",
"observed-data--59318ad4-7f18-4f11-9a05-4b36950d210f",
"network-traffic--59318ad4-7f18-4f11-9a05-4b36950d210f",
"ipv4-addr--59318ad4-7f18-4f11-9a05-4b36950d210f",
"indicator--59318ad5-17e4-42b4-88c0-4060950d210f",
"indicator--59318ad6-07e4-4b4e-a52a-bae1950d210f",
"observed-data--59318ad8-8024-464f-b3cf-bb84950d210f",
"network-traffic--59318ad8-8024-464f-b3cf-bb84950d210f",
"ipv4-addr--59318ad8-8024-464f-b3cf-bb84950d210f",
"indicator--59318ad9-d22c-48a6-b6b4-46e0950d210f",
"indicator--59318ada-bd14-4741-8fd2-44a0950d210f",
"observed-data--59318ada-88c0-4100-b367-4ca2950d210f",
"network-traffic--59318ada-88c0-4100-b367-4ca2950d210f",
"ipv4-addr--59318ada-88c0-4100-b367-4ca2950d210f",
"observed-data--59318adb-41f0-4e85-a023-bb1d950d210f",
"network-traffic--59318adb-41f0-4e85-a023-bb1d950d210f",
"ipv4-addr--59318adb-41f0-4e85-a023-bb1d950d210f",
"indicator--59318adb-0f34-4f11-b527-1b5b950d210f",
"indicator--59318adc-5774-4b2e-8a10-41c5950d210f",
"observed-data--59318add-fb6c-419d-a0b4-1b03950d210f",
"network-traffic--59318add-fb6c-419d-a0b4-1b03950d210f",
"ipv4-addr--59318add-fb6c-419d-a0b4-1b03950d210f",
"indicator--59318add-6b10-41fb-aa6d-4686950d210f",
"indicator--59318ade-e500-474c-9c4e-43a3950d210f",
"observed-data--59318ade-763c-46ea-afe6-4dd4950d210f",
"network-traffic--59318ade-763c-46ea-afe6-4dd4950d210f",
"ipv4-addr--59318ade-763c-46ea-afe6-4dd4950d210f",
"indicator--59318adf-0270-4e33-b2f9-ba67950d210f",
"indicator--59318adf-24a8-4dfe-951a-4482950d210f",
"observed-data--59318ae1-07b0-41fe-9488-6559950d210f",
"network-traffic--59318ae1-07b0-41fe-9488-6559950d210f",
"ipv4-addr--59318ae1-07b0-41fe-9488-6559950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"ecsirt:malicious-code=\"ransomware\"",
"misp-galaxy:ransomware=\"Jaff\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318aad-9c84-42d9-b8e2-ba67950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:29.000Z",
"modified": "2017-06-02T15:56:29.000Z",
"pattern": "[file:hashes.MD5 = '29d88355954e0ef9be171f54567a2703']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318aad-2dbc-4185-8a26-42ec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:29.000Z",
"modified": "2017-06-02T15:56:29.000Z",
"pattern": "[file:hashes.MD5 = '3a85cbd54b6c1afadaf06fbc6f1ef9b4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318aae-f558-4a98-85c5-bae1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:30.000Z",
"modified": "2017-06-02T15:56:30.000Z",
"pattern": "[url:value = 'http://dhaniearie.com/hH60bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318aaf-26cc-4c74-bfe7-bb84950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:31.000Z",
"modified": "2017-06-02T15:56:31.000Z",
"pattern": "[domain-name:value = 'dhaniearie.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59318aaf-71bc-4df0-b19c-4676950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:31.000Z",
"modified": "2017-06-02T15:56:31.000Z",
"first_observed": "2017-06-02T15:56:31Z",
"last_observed": "2017-06-02T15:56:31Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59318aaf-71bc-4df0-b19c-4676950d210f",
"ipv4-addr--59318aaf-71bc-4df0-b19c-4676950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59318aaf-71bc-4df0-b19c-4676950d210f",
"dst_ref": "ipv4-addr--59318aaf-71bc-4df0-b19c-4676950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59318aaf-71bc-4df0-b19c-4676950d210f",
"value": "103.11.75.13"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ab0-67b4-4200-988a-4b12950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:32.000Z",
"modified": "2017-06-02T15:56:32.000Z",
"pattern": "[url:value = 'http://doinlife.com/hH60bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ab1-0da4-441c-b0e0-43bd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:33.000Z",
"modified": "2017-06-02T15:56:33.000Z",
"pattern": "[domain-name:value = 'doinlife.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59318ab2-03c8-4097-af86-415e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:34.000Z",
"modified": "2017-06-02T15:56:34.000Z",
"first_observed": "2017-06-02T15:56:34Z",
"last_observed": "2017-06-02T15:56:34Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59318ab2-03c8-4097-af86-415e950d210f",
"ipv4-addr--59318ab2-03c8-4097-af86-415e950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59318ab2-03c8-4097-af86-415e950d210f",
"dst_ref": "ipv4-addr--59318ab2-03c8-4097-af86-415e950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59318ab2-03c8-4097-af86-415e950d210f",
"value": "108.179.228.212"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ab4-e24c-465a-af2e-bb1d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:36.000Z",
"modified": "2017-06-02T15:56:36.000Z",
"pattern": "[url:value = 'http://eselink.com.my/hH60bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ab5-c09c-4b4f-bd1b-40da950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:37.000Z",
"modified": "2017-06-02T15:56:37.000Z",
"pattern": "[domain-name:value = 'eselink.com.my']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59318ab7-52d0-4ba6-8bf7-4616950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:39.000Z",
"modified": "2017-06-02T15:56:39.000Z",
"first_observed": "2017-06-02T15:56:39Z",
"last_observed": "2017-06-02T15:56:39Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59318ab7-52d0-4ba6-8bf7-4616950d210f",
"ipv4-addr--59318ab7-52d0-4ba6-8bf7-4616950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59318ab7-52d0-4ba6-8bf7-4616950d210f",
"dst_ref": "ipv4-addr--59318ab7-52d0-4ba6-8bf7-4616950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59318ab7-52d0-4ba6-8bf7-4616950d210f",
"value": "124.150.140.96"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ab8-4cf8-4748-b7c9-4a0d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:40.000Z",
"modified": "2017-06-02T15:56:40.000Z",
"pattern": "[url:value = 'http://lanphuong.vn/hH60bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ab9-2a0c-4603-95e3-ba67950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:41.000Z",
"modified": "2017-06-02T15:56:41.000Z",
"pattern": "[domain-name:value = 'lanphuong.vn']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59318aba-877c-45f4-92c3-4074950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:42.000Z",
"modified": "2017-06-02T15:56:42.000Z",
"first_observed": "2017-06-02T15:56:42Z",
"last_observed": "2017-06-02T15:56:42Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59318aba-877c-45f4-92c3-4074950d210f",
"ipv4-addr--59318aba-877c-45f4-92c3-4074950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59318aba-877c-45f4-92c3-4074950d210f",
"dst_ref": "ipv4-addr--59318aba-877c-45f4-92c3-4074950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59318aba-877c-45f4-92c3-4074950d210f",
"value": "112.213.85.78"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318abc-0368-4fb0-8101-49ed950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:44.000Z",
"modified": "2017-06-02T15:56:44.000Z",
"pattern": "[url:value = 'http://lordheals.com/hH60bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318abc-73ec-4a13-b070-bae1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:44.000Z",
"modified": "2017-06-02T15:56:44.000Z",
"pattern": "[domain-name:value = 'lordheals.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59318abd-3424-4567-bb19-bb84950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:45.000Z",
"modified": "2017-06-02T15:56:45.000Z",
"first_observed": "2017-06-02T15:56:45Z",
"last_observed": "2017-06-02T15:56:45Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59318abd-3424-4567-bb19-bb84950d210f",
"ipv4-addr--59318abd-3424-4567-bb19-bb84950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59318abd-3424-4567-bb19-bb84950d210f",
"dst_ref": "ipv4-addr--59318abd-3424-4567-bb19-bb84950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59318abd-3424-4567-bb19-bb84950d210f",
"value": "192.185.5.93"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318abe-fff4-4ccc-9101-4ec8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:46.000Z",
"modified": "2017-06-02T15:56:46.000Z",
"pattern": "[url:value = 'http://meiyizixun.com/hH60bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318abe-438c-471b-a62e-443d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:46.000Z",
"modified": "2017-06-02T15:56:46.000Z",
"pattern": "[domain-name:value = 'meiyizixun.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59318abf-4e34-4b4b-8083-44e3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:47.000Z",
"modified": "2017-06-02T15:56:47.000Z",
"first_observed": "2017-06-02T15:56:47Z",
"last_observed": "2017-06-02T15:56:47Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59318abf-4e34-4b4b-8083-44e3950d210f",
"ipv4-addr--59318abf-4e34-4b4b-8083-44e3950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59318abf-4e34-4b4b-8083-44e3950d210f",
"dst_ref": "ipv4-addr--59318abf-4e34-4b4b-8083-44e3950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59318abf-4e34-4b4b-8083-44e3950d210f",
"value": "103.24.0.218"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ac0-5194-44d8-9b78-4e37950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:48.000Z",
"modified": "2017-06-02T15:56:48.000Z",
"pattern": "[url:value = 'http://midiconcept.com/hH60bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ac0-e094-4c70-9738-4ef2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:48.000Z",
"modified": "2017-06-02T15:56:48.000Z",
"pattern": "[domain-name:value = 'midiconcept.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59318ac1-6260-4873-9be7-456d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:49.000Z",
"modified": "2017-06-02T15:56:49.000Z",
"first_observed": "2017-06-02T15:56:49Z",
"last_observed": "2017-06-02T15:56:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59318ac1-6260-4873-9be7-456d950d210f",
"ipv4-addr--59318ac1-6260-4873-9be7-456d950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59318ac1-6260-4873-9be7-456d950d210f",
"dst_ref": "ipv4-addr--59318ac1-6260-4873-9be7-456d950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59318ac1-6260-4873-9be7-456d950d210f",
"value": "193.70.38.218"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ac2-6814-407a-9008-bb1d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:50.000Z",
"modified": "2017-06-02T15:56:50.000Z",
"pattern": "[url:value = 'http://mountmary.ca/hH60bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ac2-7074-4b26-881c-1b5b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:50.000Z",
"modified": "2017-06-02T15:56:50.000Z",
"pattern": "[domain-name:value = 'mountmary.ca']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59318ac3-4374-4076-b502-42dd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:51.000Z",
"modified": "2017-06-02T15:56:51.000Z",
"first_observed": "2017-06-02T15:56:51Z",
"last_observed": "2017-06-02T15:56:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59318ac3-4374-4076-b502-42dd950d210f",
"ipv4-addr--59318ac3-4374-4076-b502-42dd950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59318ac3-4374-4076-b502-42dd950d210f",
"dst_ref": "ipv4-addr--59318ac3-4374-4076-b502-42dd950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59318ac3-4374-4076-b502-42dd950d210f",
"value": "69.49.101.51"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ac3-a618-4d43-a0ba-1b03950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:51.000Z",
"modified": "2017-06-02T15:56:51.000Z",
"pattern": "[url:value = 'http://newserniggrofg.net/af/hH60bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ac4-148c-4ae5-9369-49da950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:52.000Z",
"modified": "2017-06-02T15:56:52.000Z",
"pattern": "[domain-name:value = 'newserniggrofg.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59318ac7-f610-48ff-9c91-ba67950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:55.000Z",
"modified": "2017-06-02T15:56:55.000Z",
"first_observed": "2017-06-02T15:56:55Z",
"last_observed": "2017-06-02T15:56:55Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59318ac7-f610-48ff-9c91-ba67950d210f",
"ipv4-addr--59318ac7-f610-48ff-9c91-ba67950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59318ac7-f610-48ff-9c91-ba67950d210f",
"dst_ref": "ipv4-addr--59318ac7-f610-48ff-9c91-ba67950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59318ac7-f610-48ff-9c91-ba67950d210f",
"value": "13.58.5.152"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ac8-2d04-419c-b163-46fe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:56.000Z",
"modified": "2017-06-02T15:56:56.000Z",
"pattern": "[url:value = 'http://orhangazitur.com/hH60bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ac8-f2f4-48e2-ad99-6559950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:56.000Z",
"modified": "2017-06-02T15:56:56.000Z",
"pattern": "[domain-name:value = 'orhangazitur.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59318ac9-6e6c-4355-b30f-4228950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:57.000Z",
"modified": "2017-06-02T15:56:57.000Z",
"first_observed": "2017-06-02T15:56:57Z",
"last_observed": "2017-06-02T15:56:57Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59318ac9-6e6c-4355-b30f-4228950d210f",
"ipv4-addr--59318ac9-6e6c-4355-b30f-4228950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59318ac9-6e6c-4355-b30f-4228950d210f",
"dst_ref": "ipv4-addr--59318ac9-6e6c-4355-b30f-4228950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59318ac9-6e6c-4355-b30f-4228950d210f",
"value": "109.232.220.235"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ac9-82a0-45b8-856b-bae1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:57.000Z",
"modified": "2017-06-02T15:56:57.000Z",
"pattern": "[url:value = 'http://resevesssetornument.com/af/hH60bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318aca-2b78-4a03-bb75-bb84950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:56:58.000Z",
"modified": "2017-06-02T15:56:58.000Z",
"pattern": "[domain-name:value = 'resevesssetornument.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:56:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318acc-bb4c-41fc-9e55-475c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:00.000Z",
"modified": "2017-06-02T15:57:00.000Z",
"pattern": "[url:value = 'http://shrideva.co.in/hH60bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:57:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318acc-dbe0-48e3-9d15-435b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:00.000Z",
"modified": "2017-06-02T15:57:00.000Z",
"pattern": "[domain-name:value = 'shrideva.co.in']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:57:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59318acd-5a20-4344-a4da-499f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:01.000Z",
"modified": "2017-06-02T15:57:01.000Z",
"first_observed": "2017-06-02T15:57:01Z",
"last_observed": "2017-06-02T15:57:01Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59318acd-5a20-4344-a4da-499f950d210f",
"ipv4-addr--59318acd-5a20-4344-a4da-499f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59318acd-5a20-4344-a4da-499f950d210f",
"dst_ref": "ipv4-addr--59318acd-5a20-4344-a4da-499f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59318acd-5a20-4344-a4da-499f950d210f",
"value": "103.21.59.168"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ace-f694-4699-a4b6-4fd8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:02.000Z",
"modified": "2017-06-02T15:57:02.000Z",
"pattern": "[url:value = 'http://strassensammler.de/hH60bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:57:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ace-2648-4358-b884-bb1d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:02.000Z",
"modified": "2017-06-02T15:57:02.000Z",
"pattern": "[domain-name:value = 'strassensammler.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:57:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59318acf-03f8-4cf4-8785-4c58950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:03.000Z",
"modified": "2017-06-02T15:57:03.000Z",
"first_observed": "2017-06-02T15:57:03Z",
"last_observed": "2017-06-02T15:57:03Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59318acf-03f8-4cf4-8785-4c58950d210f",
"ipv4-addr--59318acf-03f8-4cf4-8785-4c58950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59318acf-03f8-4cf4-8785-4c58950d210f",
"dst_ref": "ipv4-addr--59318acf-03f8-4cf4-8785-4c58950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59318acf-03f8-4cf4-8785-4c58950d210f",
"value": "81.169.145.86"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ad1-48a0-41db-951d-1b03950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:05.000Z",
"modified": "2017-06-02T15:57:05.000Z",
"pattern": "[url:value = 'http://suninsulation.com.au/hH60bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:57:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ad2-7e48-4aef-89a3-4ecf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:06.000Z",
"modified": "2017-06-02T15:57:06.000Z",
"pattern": "[domain-name:value = 'suninsulation.com.au']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:57:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59318ad4-7f18-4f11-9a05-4b36950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:08.000Z",
"modified": "2017-06-02T15:57:08.000Z",
"first_observed": "2017-06-02T15:57:08Z",
"last_observed": "2017-06-02T15:57:08Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59318ad4-7f18-4f11-9a05-4b36950d210f",
"ipv4-addr--59318ad4-7f18-4f11-9a05-4b36950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59318ad4-7f18-4f11-9a05-4b36950d210f",
"dst_ref": "ipv4-addr--59318ad4-7f18-4f11-9a05-4b36950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59318ad4-7f18-4f11-9a05-4b36950d210f",
"value": "182.160.158.62"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ad5-17e4-42b4-88c0-4060950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:09.000Z",
"modified": "2017-06-02T15:57:09.000Z",
"pattern": "[url:value = 'http://systemalu.com/hH60bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:57:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ad6-07e4-4b4e-a52a-bae1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:10.000Z",
"modified": "2017-06-02T15:57:10.000Z",
"pattern": "[domain-name:value = 'systemalu.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:57:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59318ad8-8024-464f-b3cf-bb84950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:12.000Z",
"modified": "2017-06-02T15:57:12.000Z",
"first_observed": "2017-06-02T15:57:12Z",
"last_observed": "2017-06-02T15:57:12Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59318ad8-8024-464f-b3cf-bb84950d210f",
"ipv4-addr--59318ad8-8024-464f-b3cf-bb84950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59318ad8-8024-464f-b3cf-bb84950d210f",
"dst_ref": "ipv4-addr--59318ad8-8024-464f-b3cf-bb84950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59318ad8-8024-464f-b3cf-bb84950d210f",
"value": "143.95.239.62"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ad9-d22c-48a6-b6b4-46e0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:13.000Z",
"modified": "2017-06-02T15:57:13.000Z",
"pattern": "[url:value = 'http://vibehouserecords.com/hH60bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:57:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ada-bd14-4741-8fd2-44a0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:14.000Z",
"modified": "2017-06-02T15:57:14.000Z",
"pattern": "[domain-name:value = 'vibehouserecords.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:57:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59318ada-88c0-4100-b367-4ca2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:14.000Z",
"modified": "2017-06-02T15:57:14.000Z",
"first_observed": "2017-06-02T15:57:14Z",
"last_observed": "2017-06-02T15:57:14Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59318ada-88c0-4100-b367-4ca2950d210f",
"ipv4-addr--59318ada-88c0-4100-b367-4ca2950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59318ada-88c0-4100-b367-4ca2950d210f",
"dst_ref": "ipv4-addr--59318ada-88c0-4100-b367-4ca2950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59318ada-88c0-4100-b367-4ca2950d210f",
"value": "104.27.176.10"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59318adb-41f0-4e85-a023-bb1d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:15.000Z",
"modified": "2017-06-02T15:57:15.000Z",
"first_observed": "2017-06-02T15:57:15Z",
"last_observed": "2017-06-02T15:57:15Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59318adb-41f0-4e85-a023-bb1d950d210f",
"ipv4-addr--59318adb-41f0-4e85-a023-bb1d950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59318adb-41f0-4e85-a023-bb1d950d210f",
"dst_ref": "ipv4-addr--59318adb-41f0-4e85-a023-bb1d950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59318adb-41f0-4e85-a023-bb1d950d210f",
"value": "104.27.177.10"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318adb-0f34-4f11-b527-1b5b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:15.000Z",
"modified": "2017-06-02T15:57:15.000Z",
"pattern": "[url:value = 'http://yoyogi.com.au/hH60bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:57:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318adc-5774-4b2e-8a10-41c5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:16.000Z",
"modified": "2017-06-02T15:57:16.000Z",
"pattern": "[domain-name:value = 'yoyogi.com.au']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:57:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59318add-fb6c-419d-a0b4-1b03950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:17.000Z",
"modified": "2017-06-02T15:57:17.000Z",
"first_observed": "2017-06-02T15:57:17Z",
"last_observed": "2017-06-02T15:57:17Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59318add-fb6c-419d-a0b4-1b03950d210f",
"ipv4-addr--59318add-fb6c-419d-a0b4-1b03950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59318add-fb6c-419d-a0b4-1b03950d210f",
"dst_ref": "ipv4-addr--59318add-fb6c-419d-a0b4-1b03950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59318add-fb6c-419d-a0b4-1b03950d210f",
"value": "27.124.113.33"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318add-6b10-41fb-aa6d-4686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:17.000Z",
"modified": "2017-06-02T15:57:17.000Z",
"pattern": "[url:value = 'http://zvezda-k.ru/hH60bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:57:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318ade-e500-474c-9c4e-43a3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:18.000Z",
"modified": "2017-06-02T15:57:18.000Z",
"pattern": "[domain-name:value = 'zvezda-k.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:57:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59318ade-763c-46ea-afe6-4dd4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:18.000Z",
"modified": "2017-06-02T15:57:18.000Z",
"first_observed": "2017-06-02T15:57:18Z",
"last_observed": "2017-06-02T15:57:18Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59318ade-763c-46ea-afe6-4dd4950d210f",
"ipv4-addr--59318ade-763c-46ea-afe6-4dd4950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59318ade-763c-46ea-afe6-4dd4950d210f",
"dst_ref": "ipv4-addr--59318ade-763c-46ea-afe6-4dd4950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59318ade-763c-46ea-afe6-4dd4950d210f",
"value": "81.177.139.23"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318adf-0270-4e33-b2f9-ba67950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:19.000Z",
"modified": "2017-06-02T15:57:19.000Z",
"pattern": "[url:value = 'http://whoisfoxxrobiouy.net/a5/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:57:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59318adf-24a8-4dfe-951a-4482950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:19.000Z",
"modified": "2017-06-02T15:57:19.000Z",
"pattern": "[domain-name:value = 'whoisfoxxrobiouy.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-02T15:57:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59318ae1-07b0-41fe-9488-6559950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-02T15:57:21.000Z",
"modified": "2017-06-02T15:57:21.000Z",
"first_observed": "2017-06-02T15:57:21Z",
"last_observed": "2017-06-02T15:57:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59318ae1-07b0-41fe-9488-6559950d210f",
"ipv4-addr--59318ae1-07b0-41fe-9488-6559950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59318ae1-07b0-41fe-9488-6559950d210f",
"dst_ref": "ipv4-addr--59318ae1-07b0-41fe-9488-6559950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59318ae1-07b0-41fe-9488-6559950d210f",
"value": "5.101.66.85"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
2023-04-21 13:25:09 +00:00
]
}