adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/59d8f433-4934-4b7e-a2e3-43ea950d210f.json

3177 lines
126 KiB
JSON
Raw Normal View History

chg: [feed] added
2023-04-21 13:25:09 +00:00
{
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"type": "bundle",
"id": "bundle--59d8f433-4934-4b7e-a2e3-43ea950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-09T11:32:01.000Z",
"modified": "2017-10-09T11:32:01.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--59d8f433-4934-4b7e-a2e3-43ea950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-09T11:32:01.000Z",
"modified": "2017-10-09T11:32:01.000Z",
"name": "M2M - Locky 2017-10-05 : Affid=3, offline, \".ykcol\" : \"Invoice INV000123\" - \"Invoice INV000123.7z\"",
"published": "2017-10-09T11:33:30Z",
"object_refs": [
"indicator--59d8f434-8714-4c1d-a8a9-4eae950d210f",
"indicator--59d8f434-79d8-4c66-8572-4937950d210f",
"observed-data--59d8f434-cc74-4702-af56-41f5950d210f",
"network-traffic--59d8f434-cc74-4702-af56-41f5950d210f",
"ipv4-addr--59d8f434-cc74-4702-af56-41f5950d210f",
"indicator--59d8f435-bc98-4f53-9ffb-48d5950d210f",
"indicator--59d8f435-9240-4e80-aec5-4923950d210f",
"observed-data--59d8f436-a944-48f4-bcdc-481e950d210f",
"network-traffic--59d8f436-a944-48f4-bcdc-481e950d210f",
"ipv4-addr--59d8f436-a944-48f4-bcdc-481e950d210f",
"indicator--59d8f436-bc9c-457b-9521-b391950d210f",
"indicator--59d8f436-cd0c-447e-9c57-49b4950d210f",
"observed-data--59d8f437-4e04-4ec7-8e94-4382950d210f",
"network-traffic--59d8f437-4e04-4ec7-8e94-4382950d210f",
"ipv4-addr--59d8f437-4e04-4ec7-8e94-4382950d210f",
"indicator--59d8f438-2304-41ee-b34f-b324950d210f",
"indicator--59d8f438-58dc-4ba9-8de1-4958950d210f",
"observed-data--59d8f43a-fc04-4d8e-ab65-4277950d210f",
"network-traffic--59d8f43a-fc04-4d8e-ab65-4277950d210f",
"ipv4-addr--59d8f43a-fc04-4d8e-ab65-4277950d210f",
"indicator--59d8f43b-9954-49f3-b8bb-451f950d210f",
"indicator--59d8f43b-c068-498f-bdd6-45c2950d210f",
"observed-data--59d8f43b-f7a4-4c7b-8246-b324950d210f",
"network-traffic--59d8f43b-f7a4-4c7b-8246-b324950d210f",
"ipv4-addr--59d8f43b-f7a4-4c7b-8246-b324950d210f",
"indicator--59d8f43c-6308-41ac-8670-4a51950d210f",
"indicator--59d8f43c-2a94-48d8-b795-45ca950d210f",
"observed-data--59d8f43c-2bd0-4360-879d-41d3950d210f",
"network-traffic--59d8f43c-2bd0-4360-879d-41d3950d210f",
"ipv4-addr--59d8f43c-2bd0-4360-879d-41d3950d210f",
"indicator--59d8f43d-4204-4218-a269-4154950d210f",
"indicator--59d8f43d-340c-4d39-a585-4e27950d210f",
"observed-data--59d8f43d-94e0-4df7-a2d9-410a950d210f",
"network-traffic--59d8f43d-94e0-4df7-a2d9-410a950d210f",
"ipv4-addr--59d8f43d-94e0-4df7-a2d9-410a950d210f",
"indicator--59d8f43e-09f8-4b28-989d-b391950d210f",
"indicator--59d8f43e-06fc-47f5-8b11-43bc950d210f",
"observed-data--59d8f43f-919c-48a9-bc4c-4c6a950d210f",
"network-traffic--59d8f43f-919c-48a9-bc4c-4c6a950d210f",
"ipv4-addr--59d8f43f-919c-48a9-bc4c-4c6a950d210f",
"indicator--59d8f43f-e720-4b81-af17-4cb0950d210f",
"indicator--59d8f43f-2ad4-4640-a0c6-4530950d210f",
"observed-data--59d8f440-9d34-4ea9-a48d-4f35950d210f",
"network-traffic--59d8f440-9d34-4ea9-a48d-4f35950d210f",
"ipv4-addr--59d8f440-9d34-4ea9-a48d-4f35950d210f",
"indicator--59d8f440-a9b0-4f47-85b3-489d950d210f",
"indicator--59d8f441-5db8-47d3-9e16-4236950d210f",
"observed-data--59d8f441-0850-4a71-9bc9-407f950d210f",
"network-traffic--59d8f441-0850-4a71-9bc9-407f950d210f",
"ipv4-addr--59d8f441-0850-4a71-9bc9-407f950d210f",
"indicator--59d8f442-8654-4756-b881-430b950d210f",
"indicator--59d8f442-1eb8-43a4-a66d-4f98950d210f",
"indicator--59d8f443-0d0c-4188-8c63-4d09950d210f",
"indicator--59d8f443-4b0c-46d3-a670-42c6950d210f",
"indicator--59d8f443-996c-4d9e-a785-4bcd950d210f",
"indicator--59d8f444-2318-4b33-a489-4458950d210f",
"observed-data--59d8f444-5d10-470e-9426-4ded950d210f",
"network-traffic--59d8f444-5d10-470e-9426-4ded950d210f",
"ipv4-addr--59d8f444-5d10-470e-9426-4ded950d210f",
"indicator--59d8f444-bd84-4bb8-b5ca-42f3950d210f",
"indicator--59d8f444-ec60-4f3d-8c91-470c950d210f",
"observed-data--59d8f445-5118-442d-8b34-4c34950d210f",
"network-traffic--59d8f445-5118-442d-8b34-4c34950d210f",
"ipv4-addr--59d8f445-5118-442d-8b34-4c34950d210f",
"indicator--59d8f445-d830-47ed-831c-4e9c950d210f",
"indicator--59d8f445-5ad4-4ec3-835c-4d30950d210f",
"observed-data--59d8f446-b234-4957-93ea-4310950d210f",
"network-traffic--59d8f446-b234-4957-93ea-4310950d210f",
"ipv4-addr--59d8f446-b234-4957-93ea-4310950d210f",
"indicator--59d8f446-06f8-469b-8f8b-4ff0950d210f",
"indicator--59d8f447-e1e0-4a3b-8093-47a1950d210f",
"observed-data--59d8f448-8c18-4592-a371-4743950d210f",
"network-traffic--59d8f448-8c18-4592-a371-4743950d210f",
"ipv4-addr--59d8f448-8c18-4592-a371-4743950d210f",
"indicator--59d8f449-f0ac-485f-806d-4c85950d210f",
"indicator--59d8f449-9338-4f85-be0a-4e76950d210f",
"observed-data--59d8f449-6584-4bb8-a027-b324950d210f",
"network-traffic--59d8f449-6584-4bb8-a027-b324950d210f",
"ipv4-addr--59d8f449-6584-4bb8-a027-b324950d210f",
"indicator--59d8f44a-b32c-448a-9bbc-413d950d210f",
"indicator--59d8f44a-1edc-4e96-90b3-493c950d210f",
"indicator--59d8f46d-9660-4870-ae7d-4699950d210f",
"indicator--59d8f46d-c49c-4d65-8bfb-4d42950d210f",
"observed-data--59d8f46d-d0fc-4dfe-b875-4bae950d210f",
"network-traffic--59d8f46d-d0fc-4dfe-b875-4bae950d210f",
"ipv4-addr--59d8f46d-d0fc-4dfe-b875-4bae950d210f",
"indicator--59d8f46e-cf68-4c7d-851a-4c0b950d210f",
"indicator--59d8f46e-4590-4dbf-b1c5-4c52950d210f",
"observed-data--59d8f46f-88e0-45a0-a237-4fbf950d210f",
"network-traffic--59d8f46f-88e0-45a0-a237-4fbf950d210f",
"ipv4-addr--59d8f46f-88e0-45a0-a237-4fbf950d210f",
"indicator--59d8f46f-fa9c-487e-bedf-4114950d210f",
"indicator--59d8f46f-4c90-4cc9-8574-b391950d210f",
"indicator--59d8f496-c3e4-4d84-b79b-49e9950d210f",
"indicator--59d8f496-36c0-4bb5-a19a-4ee4950d210f",
"observed-data--59d8f497-0418-4c47-b01b-4b8e950d210f",
"network-traffic--59d8f497-0418-4c47-b01b-4b8e950d210f",
"ipv4-addr--59d8f497-0418-4c47-b01b-4b8e950d210f",
"indicator--59d8f498-e480-4629-9b09-48c9950d210f",
"indicator--59d8f498-2978-48e5-a021-467b950d210f",
"observed-data--59d8f498-da14-40d7-bc48-42ec950d210f",
"network-traffic--59d8f498-da14-40d7-bc48-42ec950d210f",
"ipv4-addr--59d8f498-da14-40d7-bc48-42ec950d210f",
"indicator--59d8f499-1f44-471f-8727-437a950d210f",
"indicator--59d8f499-70d0-482f-b965-b391950d210f",
"observed-data--59d8f499-d2d4-4f3c-9e67-4215950d210f",
"network-traffic--59d8f499-d2d4-4f3c-9e67-4215950d210f",
"ipv4-addr--59d8f499-d2d4-4f3c-9e67-4215950d210f",
"indicator--59d8f49a-37c0-40b0-a2b6-4b39950d210f",
"indicator--59d8f49a-8fb8-4036-8897-448a950d210f",
"observed-data--59d8f49b-f2ac-4405-b7c2-45c5950d210f",
"network-traffic--59d8f49b-f2ac-4405-b7c2-45c5950d210f",
"ipv4-addr--59d8f49b-f2ac-4405-b7c2-45c5950d210f",
"indicator--59d8f49b-3950-4f54-8c00-4bf7950d210f",
"indicator--59d8f49c-3cd0-4c21-ab94-4b4d950d210f",
"observed-data--59d8f49c-9068-41eb-8e03-45c4950d210f",
"network-traffic--59d8f49c-9068-41eb-8e03-45c4950d210f",
"ipv4-addr--59d8f49c-9068-41eb-8e03-45c4950d210f",
"indicator--59d8f49d-9e1c-4383-a5dd-b391950d210f",
"indicator--59d8f49d-6360-41f7-ae0e-b324950d210f",
"observed-data--59d8f49d-7624-4029-9394-43d6950d210f",
"network-traffic--59d8f49d-7624-4029-9394-43d6950d210f",
"ipv4-addr--59d8f49d-7624-4029-9394-43d6950d210f",
"indicator--59d8f49e-b3ec-4771-8d19-49d9950d210f",
"indicator--59d8f49e-4970-4cc3-b946-483b950d210f",
"observed-data--59d8f49e-0cb8-4882-8817-4e4a950d210f",
"network-traffic--59d8f49e-0cb8-4882-8817-4e4a950d210f",
"ipv4-addr--59d8f49e-0cb8-4882-8817-4e4a950d210f",
"indicator--59d8f49f-88b4-4442-8a01-4a77950d210f",
"indicator--59d8f49f-da18-419a-b82b-418a950d210f",
"observed-data--59d8f49f-c678-4bb2-bbda-47d5950d210f",
"network-traffic--59d8f49f-c678-4bb2-bbda-47d5950d210f",
"ipv4-addr--59d8f49f-c678-4bb2-bbda-47d5950d210f",
"indicator--59d8f4a0-4330-4ecc-90da-45c9950d210f",
"indicator--59d8f4a0-b328-4563-a46a-4dad950d210f",
"observed-data--59d8f4a0-7610-4eb3-a92d-4053950d210f",
"network-traffic--59d8f4a0-7610-4eb3-a92d-4053950d210f",
"ipv4-addr--59d8f4a0-7610-4eb3-a92d-4053950d210f",
"indicator--59d8f4a1-ee40-447b-be77-4c40950d210f",
"indicator--59d8f4a1-a6a8-4ced-8b07-4c34950d210f",
"observed-data--59d8f4a2-3678-4554-a38c-4083950d210f",
"network-traffic--59d8f4a2-3678-4554-a38c-4083950d210f",
"ipv4-addr--59d8f4a2-3678-4554-a38c-4083950d210f",
"indicator--59d8f4a2-faf4-4cf5-a61e-414b950d210f",
"indicator--59d8f4a2-4098-425f-941e-4a44950d210f",
"observed-data--59d8f4a3-4ba8-448f-8a86-4106950d210f",
"network-traffic--59d8f4a3-4ba8-448f-8a86-4106950d210f",
"ipv4-addr--59d8f4a3-4ba8-448f-8a86-4106950d210f",
"indicator--59d8f4a3-fdb4-4cc0-abb1-48ae950d210f",
"indicator--59d8f4a4-4310-47df-98a0-41de950d210f",
"observed-data--59d8f4a4-8138-4678-b4c7-4904950d210f",
"network-traffic--59d8f4a4-8138-4678-b4c7-4904950d210f",
"ipv4-addr--59d8f4a4-8138-4678-b4c7-4904950d210f",
"indicator--59d8f4a4-3d4c-473c-82b8-478c950d210f",
"indicator--59d8f4a5-3fd8-4afb-ac22-4641950d210f",
"observed-data--59d8f4a5-e8d8-4b77-b65d-43e0950d210f",
"network-traffic--59d8f4a5-e8d8-4b77-b65d-43e0950d210f",
"ipv4-addr--59d8f4a5-e8d8-4b77-b65d-43e0950d210f",
"indicator--59d8f4a5-3718-4c5a-aa64-b391950d210f",
"indicator--59d8f4a6-6f0c-4759-afa9-4230950d210f",
"observed-data--59d8f4a6-8844-493d-bcd6-4ee2950d210f",
"network-traffic--59d8f4a6-8844-493d-bcd6-4ee2950d210f",
"ipv4-addr--59d8f4a6-8844-493d-bcd6-4ee2950d210f",
"indicator--59d8f4a7-2a40-4bb0-bd91-4ad8950d210f",
"indicator--59d8f4a7-6c4c-4c51-955f-41ec950d210f",
"observed-data--59d8f4a7-d58c-4188-a270-4ef5950d210f",
"network-traffic--59d8f4a7-d58c-4188-a270-4ef5950d210f",
"ipv4-addr--59d8f4a7-d58c-4188-a270-4ef5950d210f",
"indicator--59d8f4a8-5250-486d-a62e-433d950d210f",
"indicator--59d8f4a8-b754-48e1-823b-450c950d210f",
"observed-data--59d8f4a9-6950-47b5-a711-4dfa950d210f",
"network-traffic--59d8f4a9-6950-47b5-a711-4dfa950d210f",
"ipv4-addr--59d8f4a9-6950-47b5-a711-4dfa950d210f",
"indicator--59d8f4aa-0620-47b7-9894-4dc2950d210f",
"indicator--59d8f4aa-6f58-44e9-a995-4245950d210f",
"observed-data--59d8f4aa-dd28-4c6e-b3e1-40b0950d210f",
"network-traffic--59d8f4aa-dd28-4c6e-b3e1-40b0950d210f",
"ipv4-addr--59d8f4aa-dd28-4c6e-b3e1-40b0950d210f",
"indicator--59d8f4ab-f324-42ae-87ba-480c950d210f",
"indicator--59d8f4ab-bae0-4566-b4d4-437b950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"ecsirt:malicious-code=\"ransomware\"",
"misp-galaxy:ransomware=\"Locky\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f434-8714-4c1d-a8a9-4eae950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:16.000Z",
"modified": "2017-10-07T15:35:16.000Z",
"pattern": "[url:value = 'http://abelfaria.pt/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f434-79d8-4c66-8572-4937950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:16.000Z",
"modified": "2017-10-07T15:35:16.000Z",
"pattern": "[domain-name:value = 'abelfaria.pt']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f434-cc74-4702-af56-41f5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:16.000Z",
"modified": "2017-10-07T15:35:16.000Z",
"first_observed": "2017-10-07T15:35:16Z",
"last_observed": "2017-10-07T15:35:16Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f434-cc74-4702-af56-41f5950d210f",
"ipv4-addr--59d8f434-cc74-4702-af56-41f5950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f434-cc74-4702-af56-41f5950d210f",
"dst_ref": "ipv4-addr--59d8f434-cc74-4702-af56-41f5950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f434-cc74-4702-af56-41f5950d210f",
"value": "109.71.42.24"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f435-bc98-4f53-9ffb-48d5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:17.000Z",
"modified": "2017-10-07T15:35:17.000Z",
"pattern": "[url:value = 'http://balzantruck.com/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f435-9240-4e80-aec5-4923950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:17.000Z",
"modified": "2017-10-07T15:35:17.000Z",
"pattern": "[domain-name:value = 'balzantruck.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f436-a944-48f4-bcdc-481e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:18.000Z",
"modified": "2017-10-07T15:35:18.000Z",
"first_observed": "2017-10-07T15:35:18Z",
"last_observed": "2017-10-07T15:35:18Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f436-a944-48f4-bcdc-481e950d210f",
"ipv4-addr--59d8f436-a944-48f4-bcdc-481e950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f436-a944-48f4-bcdc-481e950d210f",
"dst_ref": "ipv4-addr--59d8f436-a944-48f4-bcdc-481e950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f436-a944-48f4-bcdc-481e950d210f",
"value": "69.156.240.29"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f436-bc9c-457b-9521-b391950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:18.000Z",
"modified": "2017-10-07T15:35:18.000Z",
"pattern": "[url:value = 'http://bnphealthcare.com/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f436-cd0c-447e-9c57-49b4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:18.000Z",
"modified": "2017-10-07T15:35:18.000Z",
"pattern": "[domain-name:value = 'bnphealthcare.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f437-4e04-4ec7-8e94-4382950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:19.000Z",
"modified": "2017-10-07T15:35:19.000Z",
"first_observed": "2017-10-07T15:35:19Z",
"last_observed": "2017-10-07T15:35:19Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f437-4e04-4ec7-8e94-4382950d210f",
"ipv4-addr--59d8f437-4e04-4ec7-8e94-4382950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f437-4e04-4ec7-8e94-4382950d210f",
"dst_ref": "ipv4-addr--59d8f437-4e04-4ec7-8e94-4382950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f437-4e04-4ec7-8e94-4382950d210f",
"value": "202.169.44.152"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f438-2304-41ee-b34f-b324950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:20.000Z",
"modified": "2017-10-07T15:35:20.000Z",
"pattern": "[url:value = 'http://conxibit.com/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f438-58dc-4ba9-8de1-4958950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:20.000Z",
"modified": "2017-10-07T15:35:20.000Z",
"pattern": "[domain-name:value = 'conxibit.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f43a-fc04-4d8e-ab65-4277950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:22.000Z",
"modified": "2017-10-07T15:35:22.000Z",
"first_observed": "2017-10-07T15:35:22Z",
"last_observed": "2017-10-07T15:35:22Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f43a-fc04-4d8e-ab65-4277950d210f",
"ipv4-addr--59d8f43a-fc04-4d8e-ab65-4277950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f43a-fc04-4d8e-ab65-4277950d210f",
"dst_ref": "ipv4-addr--59d8f43a-fc04-4d8e-ab65-4277950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f43a-fc04-4d8e-ab65-4277950d210f",
"value": "175.107.146.17"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f43b-9954-49f3-b8bb-451f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:23.000Z",
"modified": "2017-10-07T15:35:23.000Z",
"pattern": "[url:value = 'http://demopowerindo.com/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f43b-c068-498f-bdd6-45c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:23.000Z",
"modified": "2017-10-07T15:35:23.000Z",
"pattern": "[domain-name:value = 'demopowerindo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f43b-f7a4-4c7b-8246-b324950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:23.000Z",
"modified": "2017-10-07T15:35:23.000Z",
"first_observed": "2017-10-07T15:35:23Z",
"last_observed": "2017-10-07T15:35:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f43b-f7a4-4c7b-8246-b324950d210f",
"ipv4-addr--59d8f43b-f7a4-4c7b-8246-b324950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f43b-f7a4-4c7b-8246-b324950d210f",
"dst_ref": "ipv4-addr--59d8f43b-f7a4-4c7b-8246-b324950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f43b-f7a4-4c7b-8246-b324950d210f",
"value": "202.169.44.167"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f43c-6308-41ac-8670-4a51950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:24.000Z",
"modified": "2017-10-07T15:35:24.000Z",
"pattern": "[url:value = 'http://ecofloraholland.nl/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f43c-2a94-48d8-b795-45ca950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:24.000Z",
"modified": "2017-10-07T15:35:24.000Z",
"pattern": "[domain-name:value = 'ecofloraholland.nl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f43c-2bd0-4360-879d-41d3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:24.000Z",
"modified": "2017-10-07T15:35:24.000Z",
"first_observed": "2017-10-07T15:35:24Z",
"last_observed": "2017-10-07T15:35:24Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f43c-2bd0-4360-879d-41d3950d210f",
"ipv4-addr--59d8f43c-2bd0-4360-879d-41d3950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f43c-2bd0-4360-879d-41d3950d210f",
"dst_ref": "ipv4-addr--59d8f43c-2bd0-4360-879d-41d3950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f43c-2bd0-4360-879d-41d3950d210f",
"value": "195.160.216.10"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f43d-4204-4218-a269-4154950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:25.000Z",
"modified": "2017-10-07T15:35:25.000Z",
"pattern": "[url:value = 'http://emeryconsult.com/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f43d-340c-4d39-a585-4e27950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:25.000Z",
"modified": "2017-10-07T15:35:25.000Z",
"pattern": "[domain-name:value = 'emeryconsult.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f43d-94e0-4df7-a2d9-410a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:25.000Z",
"modified": "2017-10-07T15:35:25.000Z",
"first_observed": "2017-10-07T15:35:25Z",
"last_observed": "2017-10-07T15:35:25Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f43d-94e0-4df7-a2d9-410a950d210f",
"ipv4-addr--59d8f43d-94e0-4df7-a2d9-410a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f43d-94e0-4df7-a2d9-410a950d210f",
"dst_ref": "ipv4-addr--59d8f43d-94e0-4df7-a2d9-410a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f43d-94e0-4df7-a2d9-410a950d210f",
"value": "74.208.100.102"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f43e-09f8-4b28-989d-b391950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:26.000Z",
"modified": "2017-10-07T15:35:26.000Z",
"pattern": "[url:value = 'http://eurecas.org/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f43e-06fc-47f5-8b11-43bc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:26.000Z",
"modified": "2017-10-07T15:35:26.000Z",
"pattern": "[domain-name:value = 'eurecas.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f43f-919c-48a9-bc4c-4c6a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:27.000Z",
"modified": "2017-10-07T15:35:27.000Z",
"first_observed": "2017-10-07T15:35:27Z",
"last_observed": "2017-10-07T15:35:27Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f43f-919c-48a9-bc4c-4c6a950d210f",
"ipv4-addr--59d8f43f-919c-48a9-bc4c-4c6a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f43f-919c-48a9-bc4c-4c6a950d210f",
"dst_ref": "ipv4-addr--59d8f43f-919c-48a9-bc4c-4c6a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f43f-919c-48a9-bc4c-4c6a950d210f",
"value": "185.58.7.11"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f43f-e720-4b81-af17-4cb0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:27.000Z",
"modified": "2017-10-07T15:35:27.000Z",
"pattern": "[url:value = 'http://georginabringas.com/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f43f-2ad4-4640-a0c6-4530950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:27.000Z",
"modified": "2017-10-07T15:35:27.000Z",
"pattern": "[domain-name:value = 'georginabringas.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f440-9d34-4ea9-a48d-4f35950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:28.000Z",
"modified": "2017-10-07T15:35:28.000Z",
"first_observed": "2017-10-07T15:35:28Z",
"last_observed": "2017-10-07T15:35:28Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f440-9d34-4ea9-a48d-4f35950d210f",
"ipv4-addr--59d8f440-9d34-4ea9-a48d-4f35950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f440-9d34-4ea9-a48d-4f35950d210f",
"dst_ref": "ipv4-addr--59d8f440-9d34-4ea9-a48d-4f35950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f440-9d34-4ea9-a48d-4f35950d210f",
"value": "40.76.209.29"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f440-a9b0-4f47-85b3-489d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:28.000Z",
"modified": "2017-10-07T15:35:28.000Z",
"pattern": "[url:value = 'http://highpressurewelding.co.uk/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f441-5db8-47d3-9e16-4236950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:29.000Z",
"modified": "2017-10-07T15:35:29.000Z",
"pattern": "[domain-name:value = 'highpressurewelding.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f441-0850-4a71-9bc9-407f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:29.000Z",
"modified": "2017-10-07T15:35:29.000Z",
"first_observed": "2017-10-07T15:35:29Z",
"last_observed": "2017-10-07T15:35:29Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f441-0850-4a71-9bc9-407f950d210f",
"ipv4-addr--59d8f441-0850-4a71-9bc9-407f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f441-0850-4a71-9bc9-407f950d210f",
"dst_ref": "ipv4-addr--59d8f441-0850-4a71-9bc9-407f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f441-0850-4a71-9bc9-407f950d210f",
"value": "91.192.195.51"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f442-8654-4756-b881-430b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:30.000Z",
"modified": "2017-10-07T15:35:30.000Z",
"pattern": "[url:value = 'http://ilibarcelos.pt/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f442-1eb8-43a4-a66d-4f98950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:30.000Z",
"modified": "2017-10-07T15:35:30.000Z",
"pattern": "[domain-name:value = 'ilibarcelos.pt']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f443-0d0c-4188-8c63-4d09950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:31.000Z",
"modified": "2017-10-07T15:35:31.000Z",
"pattern": "[url:value = 'http://lasdamas.com/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f443-4b0c-46d3-a670-42c6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:31.000Z",
"modified": "2017-10-07T15:35:31.000Z",
"pattern": "[domain-name:value = 'lasdamas.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f443-996c-4d9e-a785-4bcd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:31.000Z",
"modified": "2017-10-07T15:35:31.000Z",
"pattern": "[url:value = 'http://logistics.nazwa.pl/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f444-2318-4b33-a489-4458950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:32.000Z",
"modified": "2017-10-07T15:35:32.000Z",
"pattern": "[domain-name:value = 'logistics.nazwa.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f444-5d10-470e-9426-4ded950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:32.000Z",
"modified": "2017-10-07T15:35:32.000Z",
"first_observed": "2017-10-07T15:35:32Z",
"last_observed": "2017-10-07T15:35:32Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f444-5d10-470e-9426-4ded950d210f",
"ipv4-addr--59d8f444-5d10-470e-9426-4ded950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f444-5d10-470e-9426-4ded950d210f",
"dst_ref": "ipv4-addr--59d8f444-5d10-470e-9426-4ded950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f444-5d10-470e-9426-4ded950d210f",
"value": "85.128.227.19"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f444-bd84-4bb8-b5ca-42f3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:32.000Z",
"modified": "2017-10-07T15:35:32.000Z",
"pattern": "[url:value = 'http://machala.freehost.pl/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f444-ec60-4f3d-8c91-470c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:32.000Z",
"modified": "2017-10-07T15:35:32.000Z",
"pattern": "[domain-name:value = 'machala.freehost.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f445-5118-442d-8b34-4c34950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:33.000Z",
"modified": "2017-10-07T15:35:33.000Z",
"first_observed": "2017-10-07T15:35:33Z",
"last_observed": "2017-10-07T15:35:33Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f445-5118-442d-8b34-4c34950d210f",
"ipv4-addr--59d8f445-5118-442d-8b34-4c34950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f445-5118-442d-8b34-4c34950d210f",
"dst_ref": "ipv4-addr--59d8f445-5118-442d-8b34-4c34950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f445-5118-442d-8b34-4c34950d210f",
"value": "195.114.0.64"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f445-d830-47ed-831c-4e9c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:33.000Z",
"modified": "2017-10-07T15:35:33.000Z",
"pattern": "[url:value = 'http://pnkparamount.com/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f445-5ad4-4ec3-835c-4d30950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:33.000Z",
"modified": "2017-10-07T15:35:33.000Z",
"pattern": "[domain-name:value = 'pnkparamount.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f446-b234-4957-93ea-4310950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:34.000Z",
"modified": "2017-10-07T15:35:34.000Z",
"first_observed": "2017-10-07T15:35:34Z",
"last_observed": "2017-10-07T15:35:34Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f446-b234-4957-93ea-4310950d210f",
"ipv4-addr--59d8f446-b234-4957-93ea-4310950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f446-b234-4957-93ea-4310950d210f",
"dst_ref": "ipv4-addr--59d8f446-b234-4957-93ea-4310950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f446-b234-4957-93ea-4310950d210f",
"value": "66.135.55.8"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f446-06f8-469b-8f8b-4ff0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:34.000Z",
"modified": "2017-10-07T15:35:34.000Z",
"pattern": "[url:value = 'http://teracom.co.id/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f447-e1e0-4a3b-8093-47a1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:35.000Z",
"modified": "2017-10-07T15:35:35.000Z",
"pattern": "[domain-name:value = 'teracom.co.id']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f448-8c18-4592-a371-4743950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:36.000Z",
"modified": "2017-10-07T15:35:36.000Z",
"first_observed": "2017-10-07T15:35:36Z",
"last_observed": "2017-10-07T15:35:36Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f448-8c18-4592-a371-4743950d210f",
"ipv4-addr--59d8f448-8c18-4592-a371-4743950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f448-8c18-4592-a371-4743950d210f",
"dst_ref": "ipv4-addr--59d8f448-8c18-4592-a371-4743950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f448-8c18-4592-a371-4743950d210f",
"value": "202.169.44.149"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f449-f0ac-485f-806d-4c85950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:37.000Z",
"modified": "2017-10-07T15:35:37.000Z",
"pattern": "[url:value = 'http://troyriser.com/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f449-9338-4f85-be0a-4e76950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:37.000Z",
"modified": "2017-10-07T15:35:37.000Z",
"pattern": "[domain-name:value = 'troyriser.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f449-6584-4bb8-a027-b324950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:37.000Z",
"modified": "2017-10-07T15:35:37.000Z",
"first_observed": "2017-10-07T15:35:37Z",
"last_observed": "2017-10-07T15:35:37Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f449-6584-4bb8-a027-b324950d210f",
"ipv4-addr--59d8f449-6584-4bb8-a027-b324950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f449-6584-4bb8-a027-b324950d210f",
"dst_ref": "ipv4-addr--59d8f449-6584-4bb8-a027-b324950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f449-6584-4bb8-a027-b324950d210f",
"value": "98.124.251.167"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f44a-b32c-448a-9bbc-413d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:38.000Z",
"modified": "2017-10-07T15:35:38.000Z",
"pattern": "[url:value = 'http://unifiedfloor.com/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f44a-1edc-4e96-90b3-493c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:35:38.000Z",
"modified": "2017-10-07T15:35:38.000Z",
"pattern": "[domain-name:value = 'unifiedfloor.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:35:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f46d-9660-4870-ae7d-4699950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:13.000Z",
"modified": "2017-10-07T15:36:13.000Z",
"pattern": "[url:value = 'http://www.100kisses.org/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:36:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f46d-c49c-4d65-8bfb-4d42950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:13.000Z",
"modified": "2017-10-07T15:36:13.000Z",
"pattern": "[domain-name:value = 'www.100kisses.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:36:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f46d-d0fc-4dfe-b875-4bae950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:13.000Z",
"modified": "2017-10-07T15:36:13.000Z",
"first_observed": "2017-10-07T15:36:13Z",
"last_observed": "2017-10-07T15:36:13Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f46d-d0fc-4dfe-b875-4bae950d210f",
"ipv4-addr--59d8f46d-d0fc-4dfe-b875-4bae950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f46d-d0fc-4dfe-b875-4bae950d210f",
"dst_ref": "ipv4-addr--59d8f46d-d0fc-4dfe-b875-4bae950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f46d-d0fc-4dfe-b875-4bae950d210f",
"value": "192.126.92.143"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f46e-cf68-4c7d-851a-4c0b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:14.000Z",
"modified": "2017-10-07T15:36:14.000Z",
"pattern": "[url:value = 'http://www.gtCartographic.co.uk/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:36:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f46e-4590-4dbf-b1c5-4c52950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:14.000Z",
"modified": "2017-10-07T15:36:14.000Z",
"pattern": "[domain-name:value = 'www.gtcartographic.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:36:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f46f-88e0-45a0-a237-4fbf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:15.000Z",
"modified": "2017-10-07T15:36:15.000Z",
"first_observed": "2017-10-07T15:36:15Z",
"last_observed": "2017-10-07T15:36:15Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f46f-88e0-45a0-a237-4fbf950d210f",
"ipv4-addr--59d8f46f-88e0-45a0-a237-4fbf950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f46f-88e0-45a0-a237-4fbf950d210f",
"dst_ref": "ipv4-addr--59d8f46f-88e0-45a0-a237-4fbf950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f46f-88e0-45a0-a237-4fbf950d210f",
"value": "82.145.60.140"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f46f-fa9c-487e-bedf-4114950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:15.000Z",
"modified": "2017-10-07T15:36:15.000Z",
"pattern": "[url:value = 'http://mrscrowe.net/p66/9hgfdfyr6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:36:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f46f-4c90-4cc9-8574-b391950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:15.000Z",
"modified": "2017-10-07T15:36:15.000Z",
"pattern": "[domain-name:value = 'mrscrowe.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:36:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f496-c3e4-4d84-b79b-49e9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:54.000Z",
"modified": "2017-10-07T15:36:54.000Z",
"pattern": "[url:value = 'http://2-wave.com/uywtfgh36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:36:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f496-36c0-4bb5-a19a-4ee4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:54.000Z",
"modified": "2017-10-07T15:36:54.000Z",
"pattern": "[domain-name:value = '2-wave.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:36:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f497-0418-4c47-b01b-4b8e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:55.000Z",
"modified": "2017-10-07T15:36:55.000Z",
"first_observed": "2017-10-07T15:36:55Z",
"last_observed": "2017-10-07T15:36:55Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f497-0418-4c47-b01b-4b8e950d210f",
"ipv4-addr--59d8f497-0418-4c47-b01b-4b8e950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f497-0418-4c47-b01b-4b8e950d210f",
"dst_ref": "ipv4-addr--59d8f497-0418-4c47-b01b-4b8e950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f497-0418-4c47-b01b-4b8e950d210f",
"value": "209.54.62.81"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f498-e480-4629-9b09-48c9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:56.000Z",
"modified": "2017-10-07T15:36:56.000Z",
"pattern": "[url:value = 'http://3e.com.pt/uywtfgh36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:36:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f498-2978-48e5-a021-467b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:56.000Z",
"modified": "2017-10-07T15:36:56.000Z",
"pattern": "[domain-name:value = '3e.com.pt']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:36:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f498-da14-40d7-bc48-42ec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:56.000Z",
"modified": "2017-10-07T15:36:56.000Z",
"first_observed": "2017-10-07T15:36:56Z",
"last_observed": "2017-10-07T15:36:56Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f498-da14-40d7-bc48-42ec950d210f",
"ipv4-addr--59d8f498-da14-40d7-bc48-42ec950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f498-da14-40d7-bc48-42ec950d210f",
"dst_ref": "ipv4-addr--59d8f498-da14-40d7-bc48-42ec950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f498-da14-40d7-bc48-42ec950d210f",
"value": "174.141.224.179"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f499-1f44-471f-8727-437a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:57.000Z",
"modified": "2017-10-07T15:36:57.000Z",
"pattern": "[url:value = 'http://9ninewright.net/uywtfgh36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:36:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f499-70d0-482f-b965-b391950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:57.000Z",
"modified": "2017-10-07T15:36:57.000Z",
"pattern": "[domain-name:value = '9ninewright.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:36:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f499-d2d4-4f3c-9e67-4215950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:57.000Z",
"modified": "2017-10-07T15:36:57.000Z",
"first_observed": "2017-10-07T15:36:57Z",
"last_observed": "2017-10-07T15:36:57Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f499-d2d4-4f3c-9e67-4215950d210f",
"ipv4-addr--59d8f499-d2d4-4f3c-9e67-4215950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f499-d2d4-4f3c-9e67-4215950d210f",
"dst_ref": "ipv4-addr--59d8f499-d2d4-4f3c-9e67-4215950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f499-d2d4-4f3c-9e67-4215950d210f",
"value": "98.124.251.65"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f49a-37c0-40b0-a2b6-4b39950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:58.000Z",
"modified": "2017-10-07T15:36:58.000Z",
"pattern": "[url:value = 'http://aerotransfer.cl/uywtfgh36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:36:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f49a-8fb8-4036-8897-448a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:58.000Z",
"modified": "2017-10-07T15:36:58.000Z",
"pattern": "[domain-name:value = 'aerotransfer.cl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:36:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f49b-f2ac-4405-b7c2-45c5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:59.000Z",
"modified": "2017-10-07T15:36:59.000Z",
"first_observed": "2017-10-07T15:36:59Z",
"last_observed": "2017-10-07T15:36:59Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f49b-f2ac-4405-b7c2-45c5950d210f",
"ipv4-addr--59d8f49b-f2ac-4405-b7c2-45c5950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f49b-f2ac-4405-b7c2-45c5950d210f",
"dst_ref": "ipv4-addr--59d8f49b-f2ac-4405-b7c2-45c5950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f49b-f2ac-4405-b7c2-45c5950d210f",
"value": "131.72.237.171"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f49b-3950-4f54-8c00-4bf7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:36:59.000Z",
"modified": "2017-10-07T15:36:59.000Z",
"pattern": "[url:value = 'http://agricom.it/uywtfgh36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:36:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f49c-3cd0-4c21-ab94-4b4d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:00.000Z",
"modified": "2017-10-07T15:37:00.000Z",
"pattern": "[domain-name:value = 'agricom.it']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f49c-9068-41eb-8e03-45c4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:00.000Z",
"modified": "2017-10-07T15:37:00.000Z",
"first_observed": "2017-10-07T15:37:00Z",
"last_observed": "2017-10-07T15:37:00Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f49c-9068-41eb-8e03-45c4950d210f",
"ipv4-addr--59d8f49c-9068-41eb-8e03-45c4950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f49c-9068-41eb-8e03-45c4950d210f",
"dst_ref": "ipv4-addr--59d8f49c-9068-41eb-8e03-45c4950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f49c-9068-41eb-8e03-45c4950d210f",
"value": "195.225.168.230"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f49d-9e1c-4383-a5dd-b391950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:01.000Z",
"modified": "2017-10-07T15:37:01.000Z",
"pattern": "[url:value = 'http://agriturismo-1001ulivo.it/uywtfgh36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f49d-6360-41f7-ae0e-b324950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:01.000Z",
"modified": "2017-10-07T15:37:01.000Z",
"pattern": "[domain-name:value = 'agriturismo-1001ulivo.it']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f49d-7624-4029-9394-43d6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:01.000Z",
"modified": "2017-10-07T15:37:01.000Z",
"first_observed": "2017-10-07T15:37:01Z",
"last_observed": "2017-10-07T15:37:01Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f49d-7624-4029-9394-43d6950d210f",
"ipv4-addr--59d8f49d-7624-4029-9394-43d6950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f49d-7624-4029-9394-43d6950d210f",
"dst_ref": "ipv4-addr--59d8f49d-7624-4029-9394-43d6950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f49d-7624-4029-9394-43d6950d210f",
"value": "85.235.131.27"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f49e-b3ec-4771-8d19-49d9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:02.000Z",
"modified": "2017-10-07T15:37:02.000Z",
"pattern": "[url:value = 'http://agriturismobellaria.net/uywtfgh36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f49e-4970-4cc3-b946-483b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:02.000Z",
"modified": "2017-10-07T15:37:02.000Z",
"pattern": "[domain-name:value = 'agriturismobellaria.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f49e-0cb8-4882-8817-4e4a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:02.000Z",
"modified": "2017-10-07T15:37:02.000Z",
"first_observed": "2017-10-07T15:37:02Z",
"last_observed": "2017-10-07T15:37:02Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f49e-0cb8-4882-8817-4e4a950d210f",
"ipv4-addr--59d8f49e-0cb8-4882-8817-4e4a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f49e-0cb8-4882-8817-4e4a950d210f",
"dst_ref": "ipv4-addr--59d8f49e-0cb8-4882-8817-4e4a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f49e-0cb8-4882-8817-4e4a950d210f",
"value": "80.88.87.95"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f49f-88b4-4442-8a01-4a77950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:03.000Z",
"modified": "2017-10-07T15:37:03.000Z",
"pattern": "[url:value = 'http://a-host.co.uk/uywtfgh36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f49f-da18-419a-b82b-418a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:03.000Z",
"modified": "2017-10-07T15:37:03.000Z",
"pattern": "[domain-name:value = 'a-host.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f49f-c678-4bb2-bbda-47d5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:03.000Z",
"modified": "2017-10-07T15:37:03.000Z",
"first_observed": "2017-10-07T15:37:03Z",
"last_observed": "2017-10-07T15:37:03Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f49f-c678-4bb2-bbda-47d5950d210f",
"ipv4-addr--59d8f49f-c678-4bb2-bbda-47d5950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f49f-c678-4bb2-bbda-47d5950d210f",
"dst_ref": "ipv4-addr--59d8f49f-c678-4bb2-bbda-47d5950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f49f-c678-4bb2-bbda-47d5950d210f",
"value": "213.165.85.53"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4a0-4330-4ecc-90da-45c9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:04.000Z",
"modified": "2017-10-07T15:37:04.000Z",
"pattern": "[url:value = 'http://akolade.com/uywtfgh36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4a0-b328-4563-a46a-4dad950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:04.000Z",
"modified": "2017-10-07T15:37:04.000Z",
"pattern": "[domain-name:value = 'akolade.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f4a0-7610-4eb3-a92d-4053950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:04.000Z",
"modified": "2017-10-07T15:37:04.000Z",
"first_observed": "2017-10-07T15:37:04Z",
"last_observed": "2017-10-07T15:37:04Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f4a0-7610-4eb3-a92d-4053950d210f",
"ipv4-addr--59d8f4a0-7610-4eb3-a92d-4053950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f4a0-7610-4eb3-a92d-4053950d210f",
"dst_ref": "ipv4-addr--59d8f4a0-7610-4eb3-a92d-4053950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f4a0-7610-4eb3-a92d-4053950d210f",
"value": "98.124.251.204"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4a1-ee40-447b-be77-4c40950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:05.000Z",
"modified": "2017-10-07T15:37:05.000Z",
"pattern": "[url:value = 'http://alexandre-azaria.com/uywtfgh36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4a1-a6a8-4ced-8b07-4c34950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:05.000Z",
"modified": "2017-10-07T15:37:05.000Z",
"pattern": "[domain-name:value = 'alexandre-azaria.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f4a2-3678-4554-a38c-4083950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:06.000Z",
"modified": "2017-10-07T15:37:06.000Z",
"first_observed": "2017-10-07T15:37:06Z",
"last_observed": "2017-10-07T15:37:06Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f4a2-3678-4554-a38c-4083950d210f",
"ipv4-addr--59d8f4a2-3678-4554-a38c-4083950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f4a2-3678-4554-a38c-4083950d210f",
"dst_ref": "ipv4-addr--59d8f4a2-3678-4554-a38c-4083950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f4a2-3678-4554-a38c-4083950d210f",
"value": "195.154.231.6"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4a2-faf4-4cf5-a61e-414b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:06.000Z",
"modified": "2017-10-07T15:37:06.000Z",
"pattern": "[url:value = 'http://allesandradesigns.com/uywtfgh36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4a2-4098-425f-941e-4a44950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:06.000Z",
"modified": "2017-10-07T15:37:06.000Z",
"pattern": "[domain-name:value = 'allesandradesigns.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f4a3-4ba8-448f-8a86-4106950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:07.000Z",
"modified": "2017-10-07T15:37:07.000Z",
"first_observed": "2017-10-07T15:37:07Z",
"last_observed": "2017-10-07T15:37:07Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f4a3-4ba8-448f-8a86-4106950d210f",
"ipv4-addr--59d8f4a3-4ba8-448f-8a86-4106950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f4a3-4ba8-448f-8a86-4106950d210f",
"dst_ref": "ipv4-addr--59d8f4a3-4ba8-448f-8a86-4106950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f4a3-4ba8-448f-8a86-4106950d210f",
"value": "173.203.199.105"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4a3-fdb4-4cc0-abb1-48ae950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:07.000Z",
"modified": "2017-10-07T15:37:07.000Z",
"pattern": "[url:value = 'http://andresarlemijn.nl/uywtfgh36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4a4-4310-47df-98a0-41de950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:08.000Z",
"modified": "2017-10-07T15:37:08.000Z",
"pattern": "[domain-name:value = 'andresarlemijn.nl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f4a4-8138-4678-b4c7-4904950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:08.000Z",
"modified": "2017-10-07T15:37:08.000Z",
"first_observed": "2017-10-07T15:37:08Z",
"last_observed": "2017-10-07T15:37:08Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f4a4-8138-4678-b4c7-4904950d210f",
"ipv4-addr--59d8f4a4-8138-4678-b4c7-4904950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f4a4-8138-4678-b4c7-4904950d210f",
"dst_ref": "ipv4-addr--59d8f4a4-8138-4678-b4c7-4904950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f4a4-8138-4678-b4c7-4904950d210f",
"value": "195.60.215.74"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4a4-3d4c-473c-82b8-478c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:08.000Z",
"modified": "2017-10-07T15:37:08.000Z",
"pattern": "[url:value = 'http://appartement-sailer.at/uywtfgh36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4a5-3fd8-4afb-ac22-4641950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:09.000Z",
"modified": "2017-10-07T15:37:09.000Z",
"pattern": "[domain-name:value = 'appartement-sailer.at']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f4a5-e8d8-4b77-b65d-43e0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:09.000Z",
"modified": "2017-10-07T15:37:09.000Z",
"first_observed": "2017-10-07T15:37:09Z",
"last_observed": "2017-10-07T15:37:09Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f4a5-e8d8-4b77-b65d-43e0950d210f",
"ipv4-addr--59d8f4a5-e8d8-4b77-b65d-43e0950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f4a5-e8d8-4b77-b65d-43e0950d210f",
"dst_ref": "ipv4-addr--59d8f4a5-e8d8-4b77-b65d-43e0950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f4a5-e8d8-4b77-b65d-43e0950d210f",
"value": "83.175.70.7"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4a5-3718-4c5a-aa64-b391950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:09.000Z",
"modified": "2017-10-07T15:37:09.000Z",
"pattern": "[url:value = 'http://asheardontheradiogreens.com/uywtfgh36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4a6-6f0c-4759-afa9-4230950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:10.000Z",
"modified": "2017-10-07T15:37:10.000Z",
"pattern": "[domain-name:value = 'asheardontheradiogreens.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f4a6-8844-493d-bcd6-4ee2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:10.000Z",
"modified": "2017-10-07T15:37:10.000Z",
"first_observed": "2017-10-07T15:37:10Z",
"last_observed": "2017-10-07T15:37:10Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f4a6-8844-493d-bcd6-4ee2950d210f",
"ipv4-addr--59d8f4a6-8844-493d-bcd6-4ee2950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f4a6-8844-493d-bcd6-4ee2950d210f",
"dst_ref": "ipv4-addr--59d8f4a6-8844-493d-bcd6-4ee2950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f4a6-8844-493d-bcd6-4ee2950d210f",
"value": "199.30.241.139"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4a7-2a40-4bb0-bd91-4ad8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:11.000Z",
"modified": "2017-10-07T15:37:11.000Z",
"pattern": "[url:value = 'http://felixsolis.mobi/uywtfgh36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4a7-6c4c-4c51-955f-41ec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:11.000Z",
"modified": "2017-10-07T15:37:11.000Z",
"pattern": "[domain-name:value = 'felixsolis.mobi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f4a7-d58c-4188-a270-4ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:11.000Z",
"modified": "2017-10-07T15:37:11.000Z",
"first_observed": "2017-10-07T15:37:11Z",
"last_observed": "2017-10-07T15:37:11Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f4a7-d58c-4188-a270-4ef5950d210f",
"ipv4-addr--59d8f4a7-d58c-4188-a270-4ef5950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f4a7-d58c-4188-a270-4ef5950d210f",
"dst_ref": "ipv4-addr--59d8f4a7-d58c-4188-a270-4ef5950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f4a7-d58c-4188-a270-4ef5950d210f",
"value": "5.2.27.27"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4a8-5250-486d-a62e-433d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:12.000Z",
"modified": "2017-10-07T15:37:12.000Z",
"pattern": "[url:value = 'http://moonmusic.com.au/uywtfgh36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4a8-b754-48e1-823b-450c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:12.000Z",
"modified": "2017-10-07T15:37:12.000Z",
"pattern": "[domain-name:value = 'moonmusic.com.au']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f4a9-6950-47b5-a711-4dfa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:13.000Z",
"modified": "2017-10-07T15:37:13.000Z",
"first_observed": "2017-10-07T15:37:13Z",
"last_observed": "2017-10-07T15:37:13Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f4a9-6950-47b5-a711-4dfa950d210f",
"ipv4-addr--59d8f4a9-6950-47b5-a711-4dfa950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f4a9-6950-47b5-a711-4dfa950d210f",
"dst_ref": "ipv4-addr--59d8f4a9-6950-47b5-a711-4dfa950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f4a9-6950-47b5-a711-4dfa950d210f",
"value": "117.55.235.14"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4aa-0620-47b7-9894-4dc2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:14.000Z",
"modified": "2017-10-07T15:37:14.000Z",
"pattern": "[url:value = 'http://PamelaSparrowChilds.com/uywtfgh36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4aa-6f58-44e9-a995-4245950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:14.000Z",
"modified": "2017-10-07T15:37:14.000Z",
"pattern": "[domain-name:value = 'pamelasparrowchilds.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59d8f4aa-dd28-4c6e-b3e1-40b0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:14.000Z",
"modified": "2017-10-07T15:37:14.000Z",
"first_observed": "2017-10-07T15:37:14Z",
"last_observed": "2017-10-07T15:37:14Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59d8f4aa-dd28-4c6e-b3e1-40b0950d210f",
"ipv4-addr--59d8f4aa-dd28-4c6e-b3e1-40b0950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59d8f4aa-dd28-4c6e-b3e1-40b0950d210f",
"dst_ref": "ipv4-addr--59d8f4aa-dd28-4c6e-b3e1-40b0950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59d8f4aa-dd28-4c6e-b3e1-40b0950d210f",
"value": "23.229.153.66"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4ab-f324-42ae-87ba-480c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:15.000Z",
"modified": "2017-10-07T15:37:15.000Z",
"pattern": "[url:value = 'http://thedarkpvp.net/p66/uywtfgh36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59d8f4ab-bae0-4566-b4d4-437b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-07T15:37:15.000Z",
"modified": "2017-10-07T15:37:15.000Z",
"pattern": "[domain-name:value = 'thedarkpvp.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-07T15:37:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
]
}
Reference in a new issue Copy permalink