2023-04-21 13:25:09 +00:00
{
2023-06-14 17:31:25 +00:00
"type" : "bundle" ,
"id" : "bundle--594a23b3-e954-44cd-98d7-4e2a950d210f" ,
"objects" : [
{
"type" : "identity" ,
"spec_version" : "2.1" ,
"id" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:50:38.000Z" ,
"modified" : "2017-06-21T08:50:38.000Z" ,
"name" : "CIRCL" ,
"identity_class" : "organization"
} ,
{
"type" : "report" ,
"spec_version" : "2.1" ,
"id" : "report--594a23b3-e954-44cd-98d7-4e2a950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:50:38.000Z" ,
"modified" : "2017-06-21T08:50:38.000Z" ,
"name" : "Malspam 2017-06-21 'Job Application'" ,
"published" : "2017-06-21T08:50:47Z" ,
"object_refs" : [
"indicator--594a2446-26d8-4dca-96de-4a8b950d210f" ,
"indicator--594a2446-b454-4533-a599-43f7950d210f" ,
"indicator--594a2446-f688-42c7-9d88-4347950d210f" ,
"indicator--594a24cb-50f8-4780-a52c-4bf1950d210f" ,
"indicator--594a24cb-6980-4b9f-89e7-44a0950d210f" ,
"indicator--594a24cb-a444-442f-8894-4890950d210f" ,
"observed-data--594a24ea-a8f4-42a0-8b7c-4b5f950d210f" ,
"email-message--594a24ea-a8f4-42a0-8b7c-4b5f950d210f" ,
"observed-data--594a2552-72bc-4656-a5d5-4b46950d210f" ,
"email-message--594a2552-72bc-4656-a5d5-4b46950d210f" ,
"email-addr--594a2552-72bc-4656-a5d5-4b46950d210f" ,
"observed-data--594a2575-71fc-496d-b90c-4f63950d210f" ,
"email-message--594a2575-71fc-496d-b90c-4f63950d210f" ,
"indicator--594a28eb-b348-4450-ab37-4723950d210f" ,
"indicator--594a28eb-b06c-4a08-ba50-47e5950d210f" ,
"indicator--594a28eb-1924-43eb-91e6-4206950d210f" ,
"indicator--594a28eb-1234-4648-aeaa-464c950d210f" ,
"indicator--594a28eb-a9b8-40ac-a705-4868950d210f" ,
"indicator--594a28eb-ad70-42f1-90a4-4a47950d210f" ,
"indicator--594a28eb-7cd0-4a8c-858b-4654950d210f" ,
"indicator--594a28eb-6124-4899-b244-492d950d210f" ,
"indicator--594a28eb-0800-4f00-ba79-4701950d210f" ,
"indicator--594a28eb-d868-4ba0-b7d0-4b47950d210f" ,
"indicator--594a28eb-30c0-4169-9b2a-4494950d210f" ,
"indicator--594a28eb-fc14-4e3a-981b-4a38950d210f" ,
"indicator--594a28eb-aa80-40d2-a2e9-4c64950d210f" ,
"indicator--594a28eb-e9d8-4e3c-88f0-438a950d210f" ,
"indicator--594a28eb-5d48-4420-aa62-46d2950d210f" ,
"indicator--594a28eb-d390-4238-9624-4638950d210f" ,
"indicator--594a28eb-73ec-4a23-be3b-44e2950d210f" ,
"indicator--594a28eb-7054-4388-b650-4066950d210f" ,
"indicator--594a28eb-cc30-4e05-803c-40e8950d210f" ,
"indicator--594a28eb-8d5c-4ba2-9ebc-4a2b950d210f" ,
"indicator--594a28eb-3394-4133-9e9d-4043950d210f" ,
"indicator--594a28eb-71e4-41cf-9d35-4f59950d210f" ,
"indicator--594a28eb-a714-4f54-84e9-407e950d210f" ,
"indicator--594a28eb-80b8-4cef-9de1-41b7950d210f" ,
"indicator--594a28eb-fc5c-4917-b900-40ad950d210f" ,
"indicator--594a28eb-075c-4f0d-90ad-4d87950d210f" ,
"indicator--594a28eb-4718-4fef-aa66-44c8950d210f" ,
"indicator--594a28eb-5024-479b-9630-4806950d210f" ,
"indicator--594a28eb-b520-4c10-ac34-4839950d210f" ,
"indicator--594a28eb-b9e0-4782-87db-4137950d210f" ,
"indicator--594a28eb-d4a4-46f4-9a37-406b950d210f" ,
"indicator--594a28eb-5818-4386-989b-4868950d210f" ,
"indicator--594a28eb-7938-499d-8289-468a950d210f" ,
"indicator--594a28eb-fbe4-4528-b5ca-4a85950d210f" ,
"indicator--594a28eb-e638-40b1-94c3-4908950d210f" ,
"indicator--594a28eb-5a0c-4af5-a88f-48ef950d210f" ,
"indicator--594a28eb-f810-4c30-9411-4d3b950d210f" ,
"indicator--594a28eb-aaa4-45d3-a0e1-4923950d210f" ,
"indicator--594a28eb-85d8-4b0d-af45-4532950d210f" ,
"indicator--594a28eb-c874-4b7f-90a1-4ede950d210f" ,
"indicator--594a28eb-285c-4e80-801e-4005950d210f" ,
"indicator--594a28eb-9c70-4de2-a0ff-4da3950d210f" ,
"indicator--594a28eb-cc4c-46a5-9888-496f950d210f" ,
"indicator--594a29b5-0238-4494-a277-4d45950d210f" ,
"indicator--594a29b5-ba30-40be-8407-4ada950d210f" ,
"indicator--594a29b5-34a8-43e0-9ae5-41c6950d210f" ,
"indicator--594a29b5-a760-4298-85d8-4cd2950d210f" ,
"indicator--594a29b5-5bb8-490a-91ce-4c83950d210f" ,
"indicator--594a29b5-2398-4f74-9759-433d950d210f" ,
"indicator--594a29b5-ffc8-4015-bf27-40a4950d210f" ,
"indicator--594a29b5-3270-478b-8f75-4d92950d210f" ,
"indicator--594a29b5-4bf4-414b-bce5-41ee950d210f" ,
"indicator--594a29b5-1758-4114-a8c1-4244950d210f" ,
"indicator--594a29b5-ca20-45cd-b413-4b8a950d210f" ,
"indicator--594a29b5-db30-4542-b9e7-40f1950d210f" ,
"indicator--594a29b5-b6e0-4af3-a6b4-4c2a950d210f" ,
"indicator--594a29b5-0014-499f-a13f-40c0950d210f" ,
"indicator--594a29b5-056c-4cdc-b97d-4509950d210f" ,
"indicator--594a29b5-b190-469c-af6c-4e7b950d210f" ,
"indicator--594a29b5-9914-4eed-8fe4-4bde950d210f" ,
"indicator--594a29b5-a9c0-4af7-9b28-44fb950d210f" ,
"indicator--594a29b5-e2a8-4f0c-97be-4597950d210f" ,
"indicator--594a29b5-86fc-4a83-b35d-4934950d210f" ,
"indicator--594a29b5-a1ac-4976-a865-42d7950d210f" ,
"indicator--594a29b5-f49c-4911-903c-40a1950d210f" ,
"indicator--594a29b5-77fc-4a3f-ae9d-42e6950d210f" ,
"indicator--594a29b5-7fec-4548-b8fb-4ff9950d210f" ,
"indicator--594a29b5-bdc4-435f-aaa2-44ad950d210f"
] ,
"labels" : [
"Threat-Report" ,
"misp:tool=\"MISP-STIX-Converter\"" ,
"circl:incident-classification=\"malware\"" ,
"MalSpam"
] ,
"object_marking_refs" : [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a2446-26d8-4dca-96de-4a8b950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T07:46:14.000Z" ,
"modified" : "2017-06-21T07:46:14.000Z" ,
"description" : "Executable VB file" ,
"pattern" : " [ f i l e : c o n t e n t _ r e f . p a y l o a d _ b i n = ' U E s D B B Q A C Q A I A M c 91 U q i I W Z 5 r E d L A A A g T A A g A B w A M 2 F l N W E x M 2 M 1 M G N m Y 2 N l N W U 2 N T Y y N D A 3 M j c 4 M m Q w Y W F V V A k A A 0 U k S l l F J E p Z d X g L A A E E I Q A A A A Q h A A A A 46 W V B q v K y X L w B y v 3 r Y z n C 8 b Z J 8 w h C d 3 y f C g l P 9 m B G r 3 X f W y g G 6 B w P a c A 6 S c T l k 5 w N 1 X 3 q 8 X 3 f 5 P h d P N u 4 M s h s H e 0 P Z g w h 6 p B h 2 A 6 z k q K g k O D F M / G v 54 N q o G t S t y 1 S i 9 F Y i 3 u y d v s w h u B b T Y 3 Z U 8 t + 7 N v O C o u z q R F x 0 / k C K 4 N k h 7 K 2 R h D K w a X J f 2 u 2 H G A J a o P M D v n v L i T N + 2 s F Y F 1 I L T N c 8 E / c o y C N h 4 F R C 1 C / w + c N s p 3 //mn+qqIuFpxhD6seSZhfdRcRk0/CrMDDnqw/Pl2+eBHxPmsjDLbBlKMfEHTzdWIINlTHCQxV5oyjcflh/gweOap5c3HZ7mIOdfULGTerKiXsGkfRR63eVmwLyJpBMtj6fWm9UNJF6ZINSgfS57PQQuWLNCtEj56V/iG4YT8Rycw0iivdjYHRzAbjfE+y3ESSoP5JyIl65sKCTItIN5pQuShXeORouquJHlq18VuJafsyb1wUjCgGQEl6066Vg2LyWNaRG+aHKQleNULWg31amjbhqQkcYqF3kxSVlruKKaEY81JIDBfnRpPzNtpYT02I/54Yzm5hzDfoRFLnwfMbnxg7qSoGvG6o2B3rm8llB5VwhMlJCtPQVi+t4NEHnzp0x4idGDte+zzSQTCA8frdJEPvK1ELC2SmLU1D7JDfU1s4JM8Fh2zRV4uN/Ivsj3TBr6p84AD1QC+Bq122xRetAiuQGDgLIgYPBsY4yQzuhwQU4X9z4oiRRjHVcKrJExduPCS1DHHq4sf2aD8XLL8zMKKZ83vuRZTv+YhWvME8gaO0TzMtQjFtTrh7G7LCcE1uSHk4NyIb2O7umJUgltiNwS+05xpYUC6lYlUts9YABLvoLjVV+yAL4daHJivOKG3DBUoVASf71b8EBMFXwQh512TideoLk7U/86PhTzzjdjJZdGJ7jXF7BlFWiYlXtBKXA8x/Qx6A+FYByrQ9h+h0of+o1s10HBdPcgtBOSbnZDAqbc77+Y2GTM5PGus0jR8TLsmWnR/18FsQ07WaxTHrnetPkDidJhCuVKj5SD6vYz9+uBURz3NqHZZEvOKOJiVXnUaqwCWpy3PXqn3aRq87blXlNKTLL1J4pGoCINJvnpQ3oF1F1Ds2S30+DGOjsZRxu1si2ByqE3JC4kq7acQfn3jEHw90E6yoc6FGlEnbImxd4TCqvjl9sx5AWS96tGQ5W44BWLDjDul+Od7QNyBOpWgCBYj+GGQ6hq+iOqqsWMjMqXiFW18dRkOwluawR3dZtKWk8RPakz6zY7le3K0+eJOSnOULsTKKFX9GmoJTEquRJ6Kr98UiMppDdI40NTfiq+ob3s68QI2u9tjWKt2dc0CeapmVv0Os+n21h45iZ9KzYYst14D4gu4+dAQ6FYjzlLsqgrIjzGXJdnkbn5h+ljbHribUGvAGpPwp1STPIXspk8Ts1/j2mkvHeZGIAgP7REp/7iAsA8oRwsrzb11dkBuHikmv5dSelROV2KzIPAmLmCU98bWGo78p/OvOTP3WWRtfzHxdSEhQmLClcx/FHPclTHMv88oZkQ9VEHDOWUZwfuMkDPnLk7ojeU91IC55r9gcV9GnxX9o7Y/RutJgJlf2qO9jJYv2OjjqNEnIudK0jFOp5HHXMjcVIe86DK6z77knf83dXTy5FUZ1Mq3IqvSN0tOziTvNxSNKrGvIu+PG7TiirsR3/MRTOI+Hgmauaf2M5SQtgpAEgq2MaT21dd07uMPy63mBpPgXG2/AeNaFm9F5+80wxf6bGEB+sT1+aVokUNcmQbamMfcffiALGTVQlyEsumEmewy4p3Ht/9zXUMzVpjwYVhljm+VoWaQ5o3j5r2E5ew7TJyZvIJz3L8ItL09ocMOC42y/aKvpwTeWK2b6aV9aMaLcTKIamDLM/Sba22oLFMjTD96az4DQ+mHE8+A1oKVNH5/0l/JS3xE5pIEdDRCgi9bUzkmL8phxvi6vQmMPFPwNkOkOhz+L9HJKvMk1vWt/oiWilRmvmmk5oKhFS+2LgGLp/9lvk2pecIiDSXvSDCAi8C+3s9anLfSVSxAHGOb4hJnb2aPIVo+7GMT+V2HK/96kx0530IyahEM1OrfjDlpDy3Rzhs4uwUqFlmQUplodqXOShR99p4UdwMzEzgvfk5BFIhbkOLuuBfANLEVAB1frlIohnpKmpf1PqDtsTYZ0/5WcXPNaqJYme4zV4BQcg+b8q+DduiUI3LyAgrT0INPZsBHmJSEEhhi7KtN9WkZptYGlAaUtnp3B5Bs9ZbdC5iOaGzCfekdOVP72Z0thI1Mvvem+qKG4d9X3CI4PJ0zTvjcTCkMcc39bOS6A0FKz9MMZM+Hd/YwFCCAaLdeIsO1nQumDs0B7p8858pi45HyOdPjjugrhGUuG1V6FQmbj5HRPDlqaIuKNoOXXJJ/rLVkFMZeNZ+ClSLSFahSVTGHcdvvnUOwIoXIWcqjCal8opO3kkJMXBqoTmuZlPVTve3of3GWBf68DX9M/1LQ59vDv5izzoV7e93mDc4H+aVQ4LDiPukOWNNYbclJA9ctEdZGBzP2boemMQ/kzWIDrsz507uerhEkBNqoSHDHi1B/fbeBh4E8Vxxr7EgFa+QrRJyMnHV9pdbB6P6g+qw79sqxrLQRX9OjDlLuGhYx+2IQf4MxaaY13P+ZQP3axr6PEwFg3Tb6vH5OC4QdKDggpc1+Qy+ZPl86QdzAo0I8ZqkH9z8+xFgk4hb4Al36L9/CAEp+Chn4khzvj0jKruSfUosYTe0EpiZaRvnUGbVmzJP2Lk/suDqkVQK2Zt7SIPNiZ49uxbsCg3NrHzoNj63pe8Xy2abtoGmncwEn16rsxCVHOujFKeQw1WWG/54ZCF5dUhDC4EMGzi4fjf1+2D0/Kwnw0+IZG7K3awwbTI8bLgT5cOncomhSZDkMFAU05oP+B7eOidbYB+La6fFmU2oQhp3zdA+dHjV9w/2urWBdHc8gAiPNuzYanHgcj+BqwQUX0MsiRe5iGRPqDUTkXn8c42MOWOz2g1PPJ0xWNdoHTNraAenNfOHFq0pgEU1SV/hmFKOikhe+GiUJ6MBu5wml5l+7WW2AkhspGxVe1y6tWgZ1yUwJPbvCg4Vwti1m6JZY6zoUA9Erl6KhZbAFMAyjxWNtlKviVgLnXnc96Td6ZREirByL2HoWcOJ4w+1Kskcu5z/2TIVaXFfTHQ/30B823L2iMcVVRDK28BPkDITWLenKeWrdn47y0G9rwGnMc7lU6BFJk/b0T73XeGULQHijBoTUBdUbGey18hwWnyx/fRQMFgHbwsPdmUu84UXvvkzGRD/0Put9tGrNhMnjNeSkR8GNVLhqZHtvUUnX1C2uSfT8kZfUkmR8dMEM5mGd1IlEVI84V+3ZihQMiqW+4JDGSys1+fxYkiL9YnCdis66P9Sxrhi0HcxLzVd/ylXyqM04q3CzZgL2t2I2Ci1Q+qwvlVB/JEvFG/fWOJMTbZs8Sm1M2uuwTdOVqP9aVWwBMD9I2UZW3wcv7qluofOb5D9reJDZE+oUlFVo8unGpTXEqKk65oYlBQtGmGK3WbRQkLC7+bb/7gf3frYYQZLAublde6y7XJfjEZ2RSNhyPGu79eSeo2+mNZp1hWl8MrflR3L68z+U3IReU1JUqCFL5gy7mn7LclGNXuUh9GmX0VfzgRfQt3sBtMuZD3+E+8TyAsxf+CJt/yBlQIE2zujC6djJ66ob3uWrc+b6BmT4Z1BZGKiSoWlhslcj9Xgw9O9Fnx84GFvTFyKIMWbGHG69F5LRZFMZkFNTv43iWFFPW4ZSdptF9v1u6hSu/hT1V62XFBohLNfmgIpENoPohn2z62hx1ihtX0AE/IPuuC/j8XTDVPKyA64TRtCMgNdRJy5eIVaoGWqlCPCNdV0v5F44MecB4jMcSm
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T07:46:14Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload installation"
}
] ,
"labels" : [
"misp:type=\"malware-sample\"" ,
"misp:category=\"Payload installation\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a2446-b454-4533-a599-43f7950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T07:46:14.000Z" ,
"modified" : "2017-06-21T07:46:14.000Z" ,
"description" : "Executable VB file" ,
"pattern" : "[file:name = 'poop.jpg' AND file:hashes.SHA1 = '6d275d237668f13ab001a295c0d3233129c058a1']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T07:46:14Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload installation"
}
] ,
"labels" : [
"misp:type=\"filename|sha1\"" ,
"misp:category=\"Payload installation\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a2446-f688-42c7-9d88-4347950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T07:46:14.000Z" ,
"modified" : "2017-06-21T07:46:14.000Z" ,
"description" : "Executable VB file" ,
"pattern" : "[file:name = 'poop.jpg' AND file:hashes.SHA256 = '524ad16ac80b196a5507fc45adfff6edc2938d498bc8e736ac69a8be7e5e8034']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T07:46:14Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload installation"
}
] ,
"labels" : [
"misp:type=\"filename|sha256\"" ,
"misp:category=\"Payload installation\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a24cb-50f8-4780-a52c-4bf1950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T07:48:27.000Z" ,
"modified" : "2017-06-21T07:48:27.000Z" ,
"description" : ".doc container via Email" ,
"pattern" : " [ f i l e : c o n t e n t _ r e f . p a y l o a d _ b i n = ' U E s D B B Q A C Q A I A A 4 + 1 U r J j N c H f h c C A A D s A g A g A B w A M j Q y N G I 0 N j Y 0 Z T V i N W F h Y z l i M j A 4 O D Z m M T c 5 Z G M 3 N j Z V V A k A A 8 s k S l n L J E p Z d X g L A A E E I Q A A A A Q h A A A A V D U m N j d K f e U n 15 G F k h S s k K z k 4 n k 4E6 J n 9 d F Z k o B W 98 z A d h i P D Q 2 O d M X 8 z y 0 F / B 9 T c i C 5 N s c 5 K 4 M 0 A z s t O o J u w Z 57 f P m y Y 5 Y S a / V D y q / U 9 y S 7 b 6 / O s B G J Q 2 U O e B y / M x 1 s k L g t J z + z J J U 7 W Z h Q e n 8 P Q w E Y 47 L o x 5 i J j h / X V 3 e a E V t Z f f K Z 6 F J l l + w s P R a w l i M D C V U 9 E C P M R B T D T Z 3 M M T G G y a 9 G c C s b g w F T j c 6 g G K 1 s Z U 8 W P f h h 1 C h t B k S / 8 f f W 9 v N 1 o W C D h T f x T E y Z T 9 z F X J e I r q C m L U u O N e L q L 8 D r S A N y c T f C s / x l K Y 84 o 9 o 4 t h 8 I 9 r + + a 3 N G s O C J 4 Z i k m P I c q U v J D q Q i s K / 9 U D r l r P v l i F H R t c 1 b 9 m 9 m 0 H R u U M + 3 d h T O + U d 0 2 o W h e q O 7 s t 3 z Z a l R u T z s V C Q x d d X h / x q e S I t 5 v 3 A K Y W c B k f s O J k 9 d j + v 64933 w d 1 U q R O P v d 7 L w Z 2 u g 16 s f + i o R w 0 z H u h 4 d 9 t V k l 0 I r Q j 1 O m k i n 41 V 8 q C C f d 2 G C Y + b Y r 4 m Q g l y f 8 c x L n / 3 U w 4 e N 6 + A I A y x n y f a M G V G u B f N B q Z O W 1 j O K I N c s b L W 7 I r L C g l W N c a / o r Z J c 3 Z s H 7 w 5 H r C T O R H m 0 g F W S 6 j Y 7 n 4 t k 6 / 4 C s Y e X 3 x G q U f 57 B o k Z G N R l W i 9 S 3 Z M O A 5 t 5 a / P d j n n w 8 B d t Y F y 3 L V o h y h F a C X p R v q p k N G X h M 3 V v G h 0 F w g n Q m + k / l P I g 9 h D w m s C w u D 4 B d 1 l j c G X p Z A B u b j s v V 9 L J i o q l Y 2 y S i k w S A f E 4 u 2 / G j I M F + B w Y D m D 1 k q q L z 30 D X e 0 I Q 3 l i x 6 / F k T J c Y 8 m f k z x 4 N k X g R v O t z + C A B Q 7 V W t + I C 1 B H Y q x c 3 Z G 5 D A r + T p n r T s M w / Q Y t / U v i g V G y o S e A q D m H D 1 x 5 B 8 Q C X g L J z b 0 9 q B t e P Z c g n b R x W 9 q F F G T f V B 4 H 3 x Z I X b G N 0 e v Z W p N t 70 u J + 3 E H l 1 M e V Z q X Z 8 + s K J m m m J S G C G s Q s 6 U p d 3 m n Z Z c + J j 2 c / M r K h v t C P D Z C o + u Y t H c e K 8 v D 3 G a e 5 a Y t c u D b U h I k E f p l D 6 E f f + D O k / R d L Y 8 p E r R o L A p L 4 T E V T 5 f T Q c x / 4 L W L o O U b q B h U D p A P W m 0 a H z f m 8 W t g g L B 0 6 Q R 39 / 8 M 36 W P 3 h Q x 8 C I Q Y v X g d 5 p T S 6 I e d X U U q n X 896 V 8 d R T 9 q + Q k Z k F z 5 w v w U K f s p 1 h d A j T S D q 9 R D o K K U S 1 L q G 1 o N 9 c 8 D H U A N W 0 j u o w W D H A v D A 6 b L d L + b U s b d h d 9 X g b H b V t J 2 L M l I T g f M 3 q J a b l n I 5 H 9 h H 4 r S L L x 4 e v E 6 + M v n 1 U + q P 765 D L 2 B R s 7 n z m G o R c X x O 0 y c v H t Y Q o e D O C 1 F v E y F J v o 2 a n M X 6 Q J n q F U n g P 11 R C L A L w A s c i X 9 t U + 2 t n 0 s x h 5 M 7 i Y 0 x a D y i y E L r m 4 o x X v 17 g 1 A N e h d 8 B O / D O + V o Z i z s w k s r T O T z f c D 1 M a K 6 Z 6 O R m F 9 I 0 1 p i l S 9 K U Q x d w i t U O R H K b n M D p q w 1 x t 85 r F 2 L / K 33 n u B 0 u y H N Q K A y f a W 0 D P C F z H f Q l Y S 68 r r P Y A b k U q G w t b 5 + / l E G G i d m z K n R 6 A Y q e y V I l D 8 y V N 4 P k h 0 X M d U W A v 6 N v N t y g 4 E S b X L c Y i D 2 n 4 I I m t N B c l U V 2 S 7 f J A 4 t S 4 U 0 9 h j 4 h u I y e Y b Z U y 8 i S r U C 7 X Z f B n k Y b 1 G h t w f q 5 Y 0 X C G 1 v 5 t 4 F X D 4 J T 9 X K A K 268 S Z a O d 6 d A 44 / 0 6 c y E 92 D c p 6 b H d q E 5 j / R H G 4 y T 55 M G 8 W V n g S 3 y W X e 62 T S F X a 2 b C B h z 4 n V e K c f e i H 7 o 0 F 6 C v B T W 8 y o N P 5 j 63 a d t 0 C 7 i 6 G P 5 G g M / d Q o 5 l r B j M 7 z k C 8 D Z c r / F X 9 f X C K w b c w K G V L A X E D B x 3E2 k o D q f W a 6 R d k x u D e g 0 p V p G C l L z P T M q O O 8 b V z 6 J g B 38 A h L G g A e E D 50 a Q y c Q 0 t q G B 5 N w c D k R Z 8 E W s U l r Z A o a 0 D s j k H A H d D Z u d P D t N s m 0 e v L T i f 5 M 2 C Q 54 S d F l m t J Q g C z T 8 c Y v q A o k 2 K Q G Z s g A v N N q b w w R t k n A U 8 t 26 E p 857 J Y E P b M M n G + E q J o l d 3 p n U Z v M 4 M q u t B B S z / O 7 D I G n Y J l R f L Q w h U G w c z P 7 E j J b a n 1 Z p t A F T q e g W z Z o D L Q 3 g G j W U C c A f w 3 f R d S C y m t B x k 5 W Y F V Y l v j / W j R g 3 J p b w B C e a i 1 E a g / D o C m R j 4 N / d S r 310 P l 0 x y H J J O c w / D L g 1 + t o K L e U d p 6 J Z M E T u P b + N n V m L 0 T H 6 + N N s U J 4 r 4 j V q P 2 I 5 z z p Z Q l D 7 q r T u + 0 99 H k R p O T u X Q q 4 t P o M w X M t 5 R X S C T z x X M 4 O I Y T P + y t u N b Q K k Z 4 d H W 3 Q m h k P a K E c c P M z D T x + 7 z M v x 4 T + m 6 h D n w x O / N 3 t t 0 K D 7 A 0 h v M K a K 5 w I S 4 z r 0 n G E m 1 C 7 w j 8 f 9 / B W E i q W S 4 k S u i u 4 M M V c W j c r g S L Y E a B 2 g g p G 6 y f j L v R h n k U L z q i q 5 k G C h 8 G J k v V x a m X l a 7 b 9 G r K w 7 K b 7 P a U g A y b D 5 U + t h o Y x J S M X I O 9 k J w 3 o N n G p J O T v U S k y B W j n h R k G F J j z N s 65 k 1 L C x P R 7 k v x a 6 c y Q r e K F a o G S r b 6 j h 7 w A G S k 7 I k l H k Y j q U U L 9 B + R i L e d 5 D c s L G 6 l X A d L H n t o q 2 l K J P Z b 8 I 5 N X 2 x W m E C b 2 S p B j z Q D u h A I c X R 0 3 N s e Z P f f 4 o E 0 l j m 47 r G D l g E 8 Y 9 L m W B L S J g Q p f B / 2 F U h 4 o y L / H M Z m u g u r / R z U e 1 J P a e K C T 3 o 6 y B 9 / N I X P j R 1 p 7 O 2 + q N / U 4 Z O k G I X W i 8 g U A 9 k U z X u L U 6 b G r L h l 5 w I //EsbDPs9alrDfLKJD2RpB+z5eB+ocCJRX6wePbFqAR+4FqYCTjkakuY3CqYyfrx92BuA1bZyMfkW+dmscCZdfE9ZNM4JjCRnPnGqP9NxgPbOyjmMDJbku22IFpilAMpP+iLM9LQEVxGfD3BKizKgyXLdvIvlJ0/9BZX3koElY7moghwdiDmyffraaIqOuC2oeaTbezLqzt2/cVsuMUWm0uH/dSpmYLkVpqYHw+V43g6Sb1XdtteZqSlaAw7PRFAsgPll46HkhxM1cSTsEWLTwoNDRz40gbeHs+20on6TIGFMydLPhc7KoC5I+5Ad/ypLHtPbgentuK/qj0XuvlJCVyxhfk++nqxrsbyUlw9ZedbdG0BnlfL8lxxCzWeJBv5RWMqFfOcMeBxffYiFYHDvkGNBhXUm5HH6ElpY/q7lC30NlF9hPHUq2A+LjC64KYdA9AO51Z7jPTqNjHiYJYCTXhqkztVzCvXzG1E+MjZivHlJoSeWfFrIXV+/FTlrCY9wdL9JjQPP7b6EIXMTg/u3/BGP6JSmvnteTf+poj1ErVM/SZ9zij8G91r1E4wy0T/u8MRE/UN2EnnrufuNHnBjND+gAv5hRLhGfs+GwXfIWO64qrqlGdVKlikqJtvBafblbL2nr0DeY+6O+z3GiENq7D44p9zurfil8vPR5CIF/tLKuez8yLuWk5uHQGYqgqzKRGG2oSSOYgsjFACqlvZ+BscmVrQEJ1pTaQyHCCPCXEh73svRNEUDOhDLYe6FfjQ49denT6abj0IdQjNjQOkezMeX8XSDbauXnjNk9Uz1OzlqDQKUsCxZ2T5SScVPL0IZTyFYDtpaKlUnHvuBmwd8WaHkkAIrskvd0QkP1fMeZK8AjO81s39a4Vleyw30t0+5FzoZoISiilCt81bAYbQYSsffhZ4leJUcmKBSLNjJWJkdrSvBgbftwwCTnuyb9vOym9D00u8t2QsDzxmj5m27itQNDYpf2zUiP/rN453CHJDCdyUf8Q/DsnCGpyRQelKyCXKEcPfp1DuQI0wE7DjqlUTyf/cdmA/LEXn/my2peLUUtXT7YwFvWlwTHxMBK0PCMc/YKlIbZEQGqv5dDZa/05QM7dNgPwJuAJKIYzNmxLoLxQNK+Nq7Rcjm8zZ03VR4uxVkk0/UdyHFCOqP/RIbW1BdoROwi1TWuUQ8xA2O5WBzps2fhligG8QTRL+BNtpdRuLpdAaDrkbFOJioDjrv/QR7Paw0lujTZgK9adLcXS1vcrYnYATRqbYk
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T07:48:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"malware-sample\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a24cb-6980-4b9f-89e7-44a0950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T07:48:27.000Z" ,
"modified" : "2017-06-21T07:48:27.000Z" ,
"description" : ".doc container via Email" ,
"pattern" : "[file:name = 'Deborah-Resume.doc' AND file:hashes.SHA1 = '61ac6d00c979026eacf4b28fcb70969d5dc6a3a2']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T07:48:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"filename|sha1\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a24cb-a444-442f-8894-4890950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T07:48:27.000Z" ,
"modified" : "2017-06-21T07:48:27.000Z" ,
"description" : ".doc container via Email" ,
"pattern" : "[file:name = 'Deborah-Resume.doc' AND file:hashes.SHA256 = '0ca31353ae0438503a2ad9ade37d463eef08cdeed35fac4feba5924eb127f32b']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T07:48:27Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Payload delivery"
}
] ,
"labels" : [
"misp:type=\"filename|sha256\"" ,
"misp:category=\"Payload delivery\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--594a24ea-a8f4-42a0-8b7c-4b5f950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T07:48:58.000Z" ,
"modified" : "2017-06-21T07:48:58.000Z" ,
"first_observed" : "2017-06-21T07:48:58Z" ,
"last_observed" : "2017-06-21T07:48:58Z" ,
"number_observed" : 1 ,
"object_refs" : [
"email-message--594a24ea-a8f4-42a0-8b7c-4b5f950d210f"
] ,
"labels" : [
"misp:type=\"email-subject\"" ,
"misp:category=\"Payload delivery\""
]
} ,
{
"type" : "email-message" ,
"spec_version" : "2.1" ,
"id" : "email-message--594a24ea-a8f4-42a0-8b7c-4b5f950d210f" ,
"is_multipart" : false ,
"subject" : "Job Application"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--594a2552-72bc-4656-a5d5-4b46950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T07:50:42.000Z" ,
"modified" : "2017-06-21T07:50:42.000Z" ,
"first_observed" : "2017-06-21T07:50:42Z" ,
"last_observed" : "2017-06-21T07:50:42Z" ,
"number_observed" : 1 ,
"object_refs" : [
"email-message--594a2552-72bc-4656-a5d5-4b46950d210f" ,
"email-addr--594a2552-72bc-4656-a5d5-4b46950d210f"
] ,
"labels" : [
"misp:type=\"email-src\"" ,
"misp:category=\"Payload delivery\""
]
} ,
{
"type" : "email-message" ,
"spec_version" : "2.1" ,
"id" : "email-message--594a2552-72bc-4656-a5d5-4b46950d210f" ,
"is_multipart" : false ,
"from_ref" : "email-addr--594a2552-72bc-4656-a5d5-4b46950d210f"
} ,
{
"type" : "email-addr" ,
"spec_version" : "2.1" ,
"id" : "email-addr--594a2552-72bc-4656-a5d5-4b46950d210f" ,
"value" : "miller@securityupdateserver.com"
} ,
{
"type" : "observed-data" ,
"spec_version" : "2.1" ,
"id" : "observed-data--594a2575-71fc-496d-b90c-4f63950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T07:51:53.000Z" ,
"modified" : "2017-06-21T07:51:53.000Z" ,
"first_observed" : "2017-06-21T07:51:53Z" ,
"last_observed" : "2017-06-21T07:51:53Z" ,
"number_observed" : 1 ,
"object_refs" : [
"email-message--594a2575-71fc-496d-b90c-4f63950d210f"
] ,
"labels" : [
"misp:type=\"email-body\"" ,
"misp:category=\"Payload delivery\""
]
} ,
{
"type" : "email-message" ,
"spec_version" : "2.1" ,
"id" : "email-message--594a2575-71fc-496d-b90c-4f63950d210f" ,
"is_multipart" : false ,
"body" : "Hi \r\nI visited your website recently.. \r\nI'm currently looking for employment either part time or as a intern to get experience in the field. \r\nPlease review my Resume and let me know what you think.\r\n\r\nBest regards, \r\n\r\n--"
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-b348-4450-ab37-4723950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '204.79.197.203']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-b06c-4a08-ba50-47e5950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '2.16.4.219']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-1924-43eb-91e6-4206950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '207.46.194.10']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-1234-4648-aeaa-464c950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.93.42.3']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-a9b8-40ac-a705-4868950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '204.79.197.200']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-ad70-42f1-90a4-4a47950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.93.42.2']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-7cd0-4a8c-858b-4654950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '207.200.74.133']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-6124-4899-b244-492d950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '151.101.1.108']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-0800-4f00-ba79-4701950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.33.222.62']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-d868-4ba0-b7d0-4b47950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '151.101.2.49']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-30c0-4169-9b2a-4494950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.33.223.202']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-fc14-4e3a-981b-4a38950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '152.163.56.3']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-aa80-40d2-a2e9-4c64950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '66.225.197.197']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-e9d8-4e3c-88f0-438a950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.93.174.137']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-5d48-4420-aa62-46d2950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '151.101.0.249']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-d390-4238-9624-4638950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.34.190.222']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-73ec-4a23-be3b-44e2950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '13.107.5.80']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-7054-4388-b650-4066950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '209.85.202.155']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-cc30-4e05-803c-40e8950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.0.160.206']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-8d5c-4ba2-9ebc-4a2b950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '35.158.14.190']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-3394-4133-9e9d-4043950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.19.162.80']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-71e4-41cf-9d35-4f59950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.29.135.234']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-a714-4f54-84e9-407e950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.172.94.30']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-80b8-4cef-9de1-41b7950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.250.2.76']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-fc5c-4917-b900-40ad950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '54.247.166.89']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-075c-4f0d-90ad-4d87950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.216.247.226']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-4718-4fef-aa66-44c8950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '52.45.217.171']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-5024-479b-9630-4806950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.62.216.248']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-b520-4c10-ac34-4839950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '52.29.136.72']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-b9e0-4782-87db-4137950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '161.170.238.122']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-d4a4-46f4-9a37-406b950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.210.249.91']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-5818-4386-989b-4868950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '34.206.167.59']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-7938-499d-8289-468a950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.93.174.145']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-fbe4-4528-b5ca-4a85950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '52.94.232.32']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-e638-40b1-94c3-4908950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '173.241.240.143']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-5a0c-4af5-a88f-48ef950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '152.195.39.2']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-f810-4c30-9411-4d3b950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.187.86.42']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-aaa4-45d3-a0e1-4923950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '52.85.249.98']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-85d8-4b0d-af45-4532950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.103.134.242']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-c874-4b7f-90a1-4ede950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.93.174.139']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-285c-4e80-801e-4005950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.40.210.32']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-9c70-4de2-a0ff-4da3950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.23.220.195']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a28eb-cc4c-46a5-9888-496f950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:06:03.000Z" ,
"modified" : "2017-06-21T08:06:03.000Z" ,
"pattern" : "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.47.139.102']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:06:03Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"ip-dst\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-0238-4494-a277-4d45950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.2vdddxc5vcyqvi3.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-ba30-40be-8407-4ada950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.v6p42kbjuaalj2qbzfigrbat.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-34a8-43e0-9ae5-41c6950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.o2tzcp735ikw4tdl.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-a760-4298-85d8-4cd2950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.hirhirfgvv6vcz755govs.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-5bb8-490a-91ce-4c83950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.2dvsqalysndq7p23ua.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-2398-4f74-9759-433d950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.s6ge54m523awtazeyfy7g3rel.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-ffc8-4015-bf27-40a4950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.nhmzwx46jrudevpwr6j66ofc.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-3270-478b-8f75-4d92950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.swhchi4p4ttru2.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-4bf4-414b-bce5-41ee950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.6qrgzi6kjnhzy.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-1758-4114-a8c1-4244950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.cgosduh6pevgnmpe4ii6.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-ca20-45cd-b413-4b8a950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.nl2dtb6uf3jo.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-db30-4542-b9e7-40f1950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.gbaa.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-b6e0-4af3-a6b4-4c2a950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.mduplmhmz4cbsmmk6m.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-0014-499f-a13f-40c0950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.qhkdidhn4xlwjvblnsrgfk.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-056c-4cdc-b97d-4509950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.qm5tx4h63hfcn3kocon.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-b190-469c-af6c-4e7b950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.4pp47cijiskr6iwojw.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-9914-4eed-8fe4-4bde950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.53gnzw3wsuax.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-a9c0-4af7-9b28-44fb950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.pzfaq3j7xxs5fj7ose.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-e2a8-4f0c-97be-4597950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.qymvrmjf4.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-86fc-4a83-b35d-4934950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.iujmgu7vachgnu6sn5wrh3ad.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-a1ac-4976-a865-42d7950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.g3ww2iuerd.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-f49c-4911-903c-40a1950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.gmqb7bi4djxfb5ivljf5.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-77fc-4a3f-ae9d-42e6950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.4jw7nf72zheawfzd.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-7fec-4548-b8fb-4ff9950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.4xjxngsrp4m.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "indicator" ,
"spec_version" : "2.1" ,
"id" : "indicator--594a29b5-bdc4-435f-aaa2-44ad950d210f" ,
"created_by_ref" : "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f" ,
"created" : "2017-06-21T08:09:25.000Z" ,
"modified" : "2017-06-21T08:09:25.000Z" ,
"description" : "Sample of generated domains (DGA)" ,
"pattern" : "[domain-name:value = 'www.jp4ktooobethywp6xsh.com']" ,
"pattern_type" : "stix" ,
"pattern_version" : "2.1" ,
"valid_from" : "2017-06-21T08:09:25Z" ,
"kill_chain_phases" : [
{
"kill_chain_name" : "misp-category" ,
"phase_name" : "Network activity"
}
] ,
"labels" : [
"misp:type=\"hostname\"" ,
"misp:category=\"Network activity\"" ,
"misp:to_ids=\"True\""
]
} ,
{
"type" : "marking-definition" ,
"spec_version" : "2.1" ,
"id" : "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9" ,
"created" : "2017-01-20T00:00:00.000Z" ,
"definition_type" : "tlp" ,
"name" : "TLP:WHITE" ,
"definition" : {
"tlp" : "white"
}
}
2023-04-21 13:25:09 +00:00
]
}