adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/59e72f27-d8a8-4d67-988f-4a72950d210f.json

2369 lines
95 KiB
JSON
Raw Normal View History

chg: [feed] added
2023-04-21 13:25:09 +00:00
{
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"type": "bundle",
"id": "bundle--59e72f27-d8a8-4d67-988f-4a72950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-11-16T08:22:21.000Z",
"modified": "2017-11-16T08:22:21.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--59e72f27-d8a8-4d67-988f-4a72950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-11-16T08:22:21.000Z",
"modified": "2017-11-16T08:22:21.000Z",
"name": "M2M - Locky Affid=3, \".asasin\"/Trickbot \"mac1\" 2017-10-18 : \"Invoice 123456789 10.18.2017.7z\"",
"published": "2017-11-16T08:22:29Z",
"object_refs": [
"indicator--59e72f29-1170-43db-a994-4c21950d210f",
"indicator--59e72f29-7830-4c84-bbde-41eb950d210f",
"indicator--59e72f29-faa8-4402-92a5-46e4950d210f",
"indicator--59e72f29-0ae8-4e16-b229-4c87950d210f",
"observed-data--59e72f2b-a1e4-442d-8f5b-46da950d210f",
"network-traffic--59e72f2b-a1e4-442d-8f5b-46da950d210f",
"ipv4-addr--59e72f2b-a1e4-442d-8f5b-46da950d210f",
"indicator--59e72f2b-7324-4c1e-a8b3-4290950d210f",
"indicator--59e72f2b-fe34-48d3-963f-46ee950d210f",
"observed-data--59e72f2c-6224-4ec4-95ac-4a3a950d210f",
"network-traffic--59e72f2c-6224-4ec4-95ac-4a3a950d210f",
"ipv4-addr--59e72f2c-6224-4ec4-95ac-4a3a950d210f",
"indicator--59e72f2c-8680-4e1d-bac5-4769950d210f",
"indicator--59e72f2c-a900-4f50-9ea2-46b3950d210f",
"observed-data--59e72f2d-7958-4325-bcae-44d3950d210f",
"network-traffic--59e72f2d-7958-4325-bcae-44d3950d210f",
"ipv4-addr--59e72f2d-7958-4325-bcae-44d3950d210f",
"indicator--59e72f2d-631c-496b-905a-47c5950d210f",
"indicator--59e72f2d-6acc-4286-b8e0-4f67950d210f",
"observed-data--59e72f2f-2e80-4ee5-a00a-42e7950d210f",
"network-traffic--59e72f2f-2e80-4ee5-a00a-42e7950d210f",
"ipv4-addr--59e72f2f-2e80-4ee5-a00a-42e7950d210f",
"indicator--59e72f2f-e4b8-4362-907e-41c2950d210f",
"indicator--59e72f2f-7d78-4e3e-9009-466c950d210f",
"indicator--59e72f4e-b7c8-4c68-a0e1-4efe950d210f",
"indicator--59e72f4e-f454-40f3-b262-4317950d210f",
"observed-data--59e72f4e-4e18-437f-8d86-4ab2950d210f",
"network-traffic--59e72f4e-4e18-437f-8d86-4ab2950d210f",
"ipv4-addr--59e72f4e-4e18-437f-8d86-4ab2950d210f",
"indicator--59e72f4e-b8e0-4b3b-b6d0-4ab1950d210f",
"indicator--59e72f4f-dea4-4ba8-8f80-438b950d210f",
"observed-data--59e72f4f-88d4-4551-bd67-443a950d210f",
"network-traffic--59e72f4f-88d4-4551-bd67-443a950d210f",
"ipv4-addr--59e72f4f-88d4-4551-bd67-443a950d210f",
"indicator--59e72f4f-83b8-4840-8065-41f1950d210f",
"indicator--59e72f4f-34c0-4b2c-ad65-4694950d210f",
"observed-data--59e72f50-8d64-44ed-b782-48b6950d210f",
"network-traffic--59e72f50-8d64-44ed-b782-48b6950d210f",
"ipv4-addr--59e72f50-8d64-44ed-b782-48b6950d210f",
"indicator--59e72f50-372c-4905-9b0f-48a6950d210f",
"indicator--59e72f51-95d8-45c3-8f0b-441b950d210f",
"observed-data--59e72f51-1754-435a-a1ad-4014950d210f",
"network-traffic--59e72f51-1754-435a-a1ad-4014950d210f",
"ipv4-addr--59e72f51-1754-435a-a1ad-4014950d210f",
"indicator--59e72f51-8010-43d3-b26b-4db6950d210f",
"observed-data--59e72f51-faa8-428d-a299-4cbb950d210f",
"network-traffic--59e72f51-faa8-428d-a299-4cbb950d210f",
"ipv4-addr--59e72f51-faa8-428d-a299-4cbb950d210f",
"observed-data--59e72f52-d2bc-43ce-864b-4405950d210f",
"network-traffic--59e72f52-d2bc-43ce-864b-4405950d210f",
"ipv4-addr--59e72f52-d2bc-43ce-864b-4405950d210f",
"observed-data--59e72f52-0858-47bc-801e-4b63950d210f",
"network-traffic--59e72f52-0858-47bc-801e-4b63950d210f",
"ipv4-addr--59e72f52-0858-47bc-801e-4b63950d210f",
"observed-data--59e72f52-5ea0-4198-9c88-4ac8950d210f",
"network-traffic--59e72f52-5ea0-4198-9c88-4ac8950d210f",
"ipv4-addr--59e72f52-5ea0-4198-9c88-4ac8950d210f",
"observed-data--59e72f52-9da8-40fa-8fc4-40de950d210f",
"network-traffic--59e72f52-9da8-40fa-8fc4-40de950d210f",
"ipv4-addr--59e72f52-9da8-40fa-8fc4-40de950d210f",
"observed-data--59e72f53-c400-4ffd-baa6-4aa7950d210f",
"network-traffic--59e72f53-c400-4ffd-baa6-4aa7950d210f",
"ipv4-addr--59e72f53-c400-4ffd-baa6-4aa7950d210f",
"observed-data--59e72f53-0ff8-4ed7-b815-4a82950d210f",
"network-traffic--59e72f53-0ff8-4ed7-b815-4a82950d210f",
"ipv4-addr--59e72f53-0ff8-4ed7-b815-4a82950d210f",
"observed-data--59e72f53-1bac-4d49-95a0-4b62950d210f",
"network-traffic--59e72f53-1bac-4d49-95a0-4b62950d210f",
"ipv4-addr--59e72f53-1bac-4d49-95a0-4b62950d210f",
"observed-data--59e72f53-d860-40b1-ab5b-4254950d210f",
"network-traffic--59e72f53-d860-40b1-ab5b-4254950d210f",
"ipv4-addr--59e72f53-d860-40b1-ab5b-4254950d210f",
"observed-data--59e72f53-61e0-4bd2-b3a7-42cb950d210f",
"network-traffic--59e72f53-61e0-4bd2-b3a7-42cb950d210f",
"ipv4-addr--59e72f53-61e0-4bd2-b3a7-42cb950d210f",
"observed-data--59e72f54-8dcc-4c64-8d18-4631950d210f",
"network-traffic--59e72f54-8dcc-4c64-8d18-4631950d210f",
"ipv4-addr--59e72f54-8dcc-4c64-8d18-4631950d210f",
"observed-data--59e72f54-6d74-47bf-b21f-477e950d210f",
"network-traffic--59e72f54-6d74-47bf-b21f-477e950d210f",
"ipv4-addr--59e72f54-6d74-47bf-b21f-477e950d210f",
"observed-data--59e72f54-71a0-422d-86a2-4678950d210f",
"network-traffic--59e72f54-71a0-422d-86a2-4678950d210f",
"ipv4-addr--59e72f54-71a0-422d-86a2-4678950d210f",
"observed-data--59e72f55-96d0-4426-977a-47f4950d210f",
"network-traffic--59e72f55-96d0-4426-977a-47f4950d210f",
"ipv4-addr--59e72f55-96d0-4426-977a-47f4950d210f",
"observed-data--59e72f55-dd24-4161-853b-4ffd950d210f",
"network-traffic--59e72f55-dd24-4161-853b-4ffd950d210f",
"ipv4-addr--59e72f55-dd24-4161-853b-4ffd950d210f",
"observed-data--59e72f55-2778-4f0a-a3f1-4f46950d210f",
"network-traffic--59e72f55-2778-4f0a-a3f1-4f46950d210f",
"ipv4-addr--59e72f55-2778-4f0a-a3f1-4f46950d210f",
"observed-data--59e72f56-e4cc-46de-babf-40ee950d210f",
"network-traffic--59e72f56-e4cc-46de-babf-40ee950d210f",
"ipv4-addr--59e72f56-e4cc-46de-babf-40ee950d210f",
"observed-data--59e72f56-2b80-4eca-a49c-47fb950d210f",
"network-traffic--59e72f56-2b80-4eca-a49c-47fb950d210f",
"ipv4-addr--59e72f56-2b80-4eca-a49c-47fb950d210f",
"observed-data--59e72f56-1da4-43a4-8109-48e0950d210f",
"network-traffic--59e72f56-1da4-43a4-8109-48e0950d210f",
"ipv4-addr--59e72f56-1da4-43a4-8109-48e0950d210f",
"observed-data--59e72f56-4ec4-471e-906a-4c26950d210f",
"network-traffic--59e72f56-4ec4-471e-906a-4c26950d210f",
"ipv4-addr--59e72f56-4ec4-471e-906a-4c26950d210f",
"observed-data--59e72f56-4bf4-49f5-9a74-4f48950d210f",
"network-traffic--59e72f56-4bf4-49f5-9a74-4f48950d210f",
"ipv4-addr--59e72f56-4bf4-49f5-9a74-4f48950d210f",
"observed-data--59e72f57-b588-4852-a36f-47bf950d210f",
"network-traffic--59e72f57-b588-4852-a36f-47bf950d210f",
"ipv4-addr--59e72f57-b588-4852-a36f-47bf950d210f",
"observed-data--59e72f57-a81c-49e0-bcb7-43be950d210f",
"network-traffic--59e72f57-a81c-49e0-bcb7-43be950d210f",
"ipv4-addr--59e72f57-a81c-49e0-bcb7-43be950d210f",
"observed-data--59e72f57-8618-4d95-b822-4ed3950d210f",
"network-traffic--59e72f57-8618-4d95-b822-4ed3950d210f",
"ipv4-addr--59e72f57-8618-4d95-b822-4ed3950d210f",
"observed-data--59e72f57-c1ac-442c-8206-4927950d210f",
"network-traffic--59e72f57-c1ac-442c-8206-4927950d210f",
"ipv4-addr--59e72f57-c1ac-442c-8206-4927950d210f",
"observed-data--59e72f58-1c20-44dd-92fb-4207950d210f",
"network-traffic--59e72f58-1c20-44dd-92fb-4207950d210f",
"ipv4-addr--59e72f58-1c20-44dd-92fb-4207950d210f",
"observed-data--59e72f58-2324-47d2-a074-41bd950d210f",
"network-traffic--59e72f58-2324-47d2-a074-41bd950d210f",
"ipv4-addr--59e72f58-2324-47d2-a074-41bd950d210f",
"observed-data--59e72f58-65c8-4585-b7d1-4cfd950d210f",
"network-traffic--59e72f58-65c8-4585-b7d1-4cfd950d210f",
"ipv4-addr--59e72f58-65c8-4585-b7d1-4cfd950d210f",
"observed-data--59e72f58-e044-4c0b-b000-4156950d210f",
"network-traffic--59e72f58-e044-4c0b-b000-4156950d210f",
"ipv4-addr--59e72f58-e044-4c0b-b000-4156950d210f",
"observed-data--59e72f59-9990-4a31-98c5-4ae4950d210f",
"network-traffic--59e72f59-9990-4a31-98c5-4ae4950d210f",
"ipv4-addr--59e72f59-9990-4a31-98c5-4ae4950d210f",
"observed-data--59e72f59-7e5c-4cf4-b47b-4b29950d210f",
"network-traffic--59e72f59-7e5c-4cf4-b47b-4b29950d210f",
"ipv4-addr--59e72f59-7e5c-4cf4-b47b-4b29950d210f",
"observed-data--59e72f5a-7ba4-4193-b054-4e95950d210f",
"network-traffic--59e72f5a-7ba4-4193-b054-4e95950d210f",
"ipv4-addr--59e72f5a-7ba4-4193-b054-4e95950d210f",
"observed-data--59e72f5a-9100-4e2d-9b4b-4f55950d210f",
"network-traffic--59e72f5a-9100-4e2d-9b4b-4f55950d210f",
"ipv4-addr--59e72f5a-9100-4e2d-9b4b-4f55950d210f",
"observed-data--59e72f5a-f3b0-4020-811b-47ec950d210f",
"network-traffic--59e72f5a-f3b0-4020-811b-47ec950d210f",
"ipv4-addr--59e72f5a-f3b0-4020-811b-47ec950d210f",
"observed-data--59e72f5a-3504-4f2b-9355-42cb950d210f",
"network-traffic--59e72f5a-3504-4f2b-9355-42cb950d210f",
"ipv4-addr--59e72f5a-3504-4f2b-9355-42cb950d210f",
"observed-data--59e72f5b-485c-40b5-9d24-4e21950d210f",
"network-traffic--59e72f5b-485c-40b5-9d24-4e21950d210f",
"ipv4-addr--59e72f5b-485c-40b5-9d24-4e21950d210f",
"observed-data--59e72f5b-b6f4-440f-a463-49a8950d210f",
"network-traffic--59e72f5b-b6f4-440f-a463-49a8950d210f",
"ipv4-addr--59e72f5b-b6f4-440f-a463-49a8950d210f",
"indicator--59e8c90b-2460-43e4-9578-435c02de0b81",
"indicator--59e8c90b-1764-4868-8203-43a002de0b81",
"observed-data--59e8c90b-5a50-4a24-9207-417b02de0b81",
"url--59e8c90b-5a50-4a24-9207-417b02de0b81",
"indicator--59e8c90b-53c8-4478-8d86-41c002de0b81",
"indicator--59e8c90b-4384-4e46-bc32-4c4a02de0b81",
"observed-data--59e8c90b-0fa8-4576-befa-427302de0b81",
"url--59e8c90b-0fa8-4576-befa-427302de0b81"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"ecsirt:malicious-code=\"ransomware\"",
"misp-galaxy:ransomware=\"Locky\"",
"misp-galaxy:tool=\"Trick Bot\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f29-1170-43db-a994-4c21950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[file:hashes.MD5 = 'ebae928bc0051c735d6facdc347511cb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f29-7830-4c84-bbde-41eb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[file:hashes.MD5 = 'dc2953728cc1b22536049e20b0163934']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f29-faa8-4402-92a5-46e4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[url:value = 'http://haddownding.net/trtrtr.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f29-0ae8-4e16-b229-4c87950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[domain-name:value = 'haddownding.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f2b-a1e4-442d-8f5b-46da950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"first_observed": "2017-10-19T15:47:22Z",
"last_observed": "2017-10-19T15:47:22Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f2b-a1e4-442d-8f5b-46da950d210f",
"ipv4-addr--59e72f2b-a1e4-442d-8f5b-46da950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f2b-a1e4-442d-8f5b-46da950d210f",
"dst_ref": "ipv4-addr--59e72f2b-a1e4-442d-8f5b-46da950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f2b-a1e4-442d-8f5b-46da950d210f",
"value": "49.51.134.78"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f2b-7324-4c1e-a8b3-4290950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[url:value = 'http://envi-herzog.de/iuty56g']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f2b-fe34-48d3-963f-46ee950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[domain-name:value = 'envi-herzog.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f2c-6224-4ec4-95ac-4a3a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"first_observed": "2017-10-19T15:47:22Z",
"last_observed": "2017-10-19T15:47:22Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f2c-6224-4ec4-95ac-4a3a950d210f",
"ipv4-addr--59e72f2c-6224-4ec4-95ac-4a3a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f2c-6224-4ec4-95ac-4a3a950d210f",
"dst_ref": "ipv4-addr--59e72f2c-6224-4ec4-95ac-4a3a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f2c-6224-4ec4-95ac-4a3a950d210f",
"value": "194.116.187.130"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f2c-8680-4e1d-bac5-4769950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[url:value = 'http://pac-provider.com/iuty56g']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f2c-a900-4f50-9ea2-46b3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[domain-name:value = 'pac-provider.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f2d-7958-4325-bcae-44d3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"first_observed": "2017-10-19T15:47:22Z",
"last_observed": "2017-10-19T15:47:22Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f2d-7958-4325-bcae-44d3950d210f",
"ipv4-addr--59e72f2d-7958-4325-bcae-44d3950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f2d-7958-4325-bcae-44d3950d210f",
"dst_ref": "ipv4-addr--59e72f2d-7958-4325-bcae-44d3950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f2d-7958-4325-bcae-44d3950d210f",
"value": "49.236.200.215"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f2d-631c-496b-905a-47c5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[url:value = 'http://pesonamas.co.id/iuty56g']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f2d-6acc-4286-b8e0-4f67950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[domain-name:value = 'pesonamas.co.id']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f2f-2e80-4ee5-a00a-42e7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"first_observed": "2017-10-19T15:47:22Z",
"last_observed": "2017-10-19T15:47:22Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f2f-2e80-4ee5-a00a-42e7950d210f",
"ipv4-addr--59e72f2f-2e80-4ee5-a00a-42e7950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f2f-2e80-4ee5-a00a-42e7950d210f",
"dst_ref": "ipv4-addr--59e72f2f-2e80-4ee5-a00a-42e7950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f2f-2e80-4ee5-a00a-42e7950d210f",
"value": "202.169.44.149"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f2f-e4b8-4362-907e-41c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[url:value = 'http://disfrance.net/p66/iuty56g']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f2f-7d78-4e3e-9009-466c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[domain-name:value = 'disfrance.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f4e-b7c8-4c68-a0e1-4efe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[url:value = 'http://3overpar.com/niv785yg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f4e-f454-40f3-b262-4317950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[domain-name:value = '3overpar.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f4e-4e18-437f-8d86-4ab2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"first_observed": "2017-10-19T15:47:22Z",
"last_observed": "2017-10-19T15:47:22Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f4e-4e18-437f-8d86-4ab2950d210f",
"ipv4-addr--59e72f4e-4e18-437f-8d86-4ab2950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f4e-4e18-437f-8d86-4ab2950d210f",
"dst_ref": "ipv4-addr--59e72f4e-4e18-437f-8d86-4ab2950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f4e-4e18-437f-8d86-4ab2950d210f",
"value": "98.124.251.167"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f4e-b8e0-4b3b-b6d0-4ab1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[url:value = 'http://dbatee.gr/niv785yg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f4f-dea4-4ba8-8f80-438b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[domain-name:value = 'dbatee.gr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f4f-88d4-4551-bd67-443a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"first_observed": "2017-10-19T15:47:22Z",
"last_observed": "2017-10-19T15:47:22Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f4f-88d4-4551-bd67-443a950d210f",
"ipv4-addr--59e72f4f-88d4-4551-bd67-443a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f4f-88d4-4551-bd67-443a950d210f",
"dst_ref": "ipv4-addr--59e72f4f-88d4-4551-bd67-443a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f4f-88d4-4551-bd67-443a950d210f",
"value": "62.103.152.100"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f4f-83b8-4840-8065-41f1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[url:value = 'http://goliathstoneindustries.com/niv785yg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f4f-34c0-4b2c-ad65-4694950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[domain-name:value = 'goliathstoneindustries.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f50-8d64-44ed-b782-48b6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"first_observed": "2017-10-19T15:47:22Z",
"last_observed": "2017-10-19T15:47:22Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f50-8d64-44ed-b782-48b6950d210f",
"ipv4-addr--59e72f50-8d64-44ed-b782-48b6950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f50-8d64-44ed-b782-48b6950d210f",
"dst_ref": "ipv4-addr--59e72f50-8d64-44ed-b782-48b6950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f50-8d64-44ed-b782-48b6950d210f",
"value": "103.53.172.3"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f50-372c-4905-9b0f-48a6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[url:value = 'http://pciholog.ru/niv785yg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f51-95d8-45c3-8f0b-441b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[domain-name:value = 'pciholog.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f51-1754-435a-a1ad-4014950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"first_observed": "2017-10-19T15:47:22Z",
"last_observed": "2017-10-19T15:47:22Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f51-1754-435a-a1ad-4014950d210f",
"ipv4-addr--59e72f51-1754-435a-a1ad-4014950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f51-1754-435a-a1ad-4014950d210f",
"dst_ref": "ipv4-addr--59e72f51-1754-435a-a1ad-4014950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f51-1754-435a-a1ad-4014950d210f",
"value": "89.253.235.118"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e72f51-8010-43d3-b26b-4db6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:22.000Z",
"modified": "2017-10-19T15:47:22.000Z",
"pattern": "[url:value = 'http://disfrance.net/p66/niv785yg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f51-faa8-428d-a299-4cbb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f51-faa8-428d-a299-4cbb950d210f",
"ipv4-addr--59e72f51-faa8-428d-a299-4cbb950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f51-faa8-428d-a299-4cbb950d210f",
"dst_ref": "ipv4-addr--59e72f51-faa8-428d-a299-4cbb950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f51-faa8-428d-a299-4cbb950d210f",
"value": "79.170.7.139"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f52-d2bc-43ce-864b-4405950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f52-d2bc-43ce-864b-4405950d210f",
"ipv4-addr--59e72f52-d2bc-43ce-864b-4405950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f52-d2bc-43ce-864b-4405950d210f",
"dst_ref": "ipv4-addr--59e72f52-d2bc-43ce-864b-4405950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f52-d2bc-43ce-864b-4405950d210f",
"value": "196.202.194.202"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f52-0858-47bc-801e-4b63950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f52-0858-47bc-801e-4b63950d210f",
"ipv4-addr--59e72f52-0858-47bc-801e-4b63950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f52-0858-47bc-801e-4b63950d210f",
"dst_ref": "ipv4-addr--59e72f52-0858-47bc-801e-4b63950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f52-0858-47bc-801e-4b63950d210f",
"value": "46.20.56.239"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f52-5ea0-4198-9c88-4ac8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f52-5ea0-4198-9c88-4ac8950d210f",
"ipv4-addr--59e72f52-5ea0-4198-9c88-4ac8950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f52-5ea0-4198-9c88-4ac8950d210f",
"dst_ref": "ipv4-addr--59e72f52-5ea0-4198-9c88-4ac8950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f52-5ea0-4198-9c88-4ac8950d210f",
"value": "176.120.126.21"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f52-9da8-40fa-8fc4-40de950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f52-9da8-40fa-8fc4-40de950d210f",
"ipv4-addr--59e72f52-9da8-40fa-8fc4-40de950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f52-9da8-40fa-8fc4-40de950d210f",
"dst_ref": "ipv4-addr--59e72f52-9da8-40fa-8fc4-40de950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f52-9da8-40fa-8fc4-40de950d210f",
"value": "91.239.249.118"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f53-c400-4ffd-baa6-4aa7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f53-c400-4ffd-baa6-4aa7950d210f",
"ipv4-addr--59e72f53-c400-4ffd-baa6-4aa7950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f53-c400-4ffd-baa6-4aa7950d210f",
"dst_ref": "ipv4-addr--59e72f53-c400-4ffd-baa6-4aa7950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f53-c400-4ffd-baa6-4aa7950d210f",
"value": "156.17.92.161"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f53-0ff8-4ed7-b815-4a82950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f53-0ff8-4ed7-b815-4a82950d210f",
"ipv4-addr--59e72f53-0ff8-4ed7-b815-4a82950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f53-0ff8-4ed7-b815-4a82950d210f",
"dst_ref": "ipv4-addr--59e72f53-0ff8-4ed7-b815-4a82950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f53-0ff8-4ed7-b815-4a82950d210f",
"value": "86.80.209.49"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f53-1bac-4d49-95a0-4b62950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f53-1bac-4d49-95a0-4b62950d210f",
"ipv4-addr--59e72f53-1bac-4d49-95a0-4b62950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f53-1bac-4d49-95a0-4b62950d210f",
"dst_ref": "ipv4-addr--59e72f53-1bac-4d49-95a0-4b62950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f53-1bac-4d49-95a0-4b62950d210f",
"value": "46.20.56.237"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f53-d860-40b1-ab5b-4254950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f53-d860-40b1-ab5b-4254950d210f",
"ipv4-addr--59e72f53-d860-40b1-ab5b-4254950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f53-d860-40b1-ab5b-4254950d210f",
"dst_ref": "ipv4-addr--59e72f53-d860-40b1-ab5b-4254950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f53-d860-40b1-ab5b-4254950d210f",
"value": "62.87.151.219"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f53-61e0-4bd2-b3a7-42cb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f53-61e0-4bd2-b3a7-42cb950d210f",
"ipv4-addr--59e72f53-61e0-4bd2-b3a7-42cb950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f53-61e0-4bd2-b3a7-42cb950d210f",
"dst_ref": "ipv4-addr--59e72f53-61e0-4bd2-b3a7-42cb950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f53-61e0-4bd2-b3a7-42cb950d210f",
"value": "188.137.86.7"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f54-8dcc-4c64-8d18-4631950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f54-8dcc-4c64-8d18-4631950d210f",
"ipv4-addr--59e72f54-8dcc-4c64-8d18-4631950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f54-8dcc-4c64-8d18-4631950d210f",
"dst_ref": "ipv4-addr--59e72f54-8dcc-4c64-8d18-4631950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f54-8dcc-4c64-8d18-4631950d210f",
"value": "178.254.183.34"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f54-6d74-47bf-b21f-477e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f54-6d74-47bf-b21f-477e950d210f",
"ipv4-addr--59e72f54-6d74-47bf-b21f-477e950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f54-6d74-47bf-b21f-477e950d210f",
"dst_ref": "ipv4-addr--59e72f54-6d74-47bf-b21f-477e950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f54-6d74-47bf-b21f-477e950d210f",
"value": "178.254.183.13"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f54-71a0-422d-86a2-4678950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f54-71a0-422d-86a2-4678950d210f",
"ipv4-addr--59e72f54-71a0-422d-86a2-4678950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f54-71a0-422d-86a2-4678950d210f",
"dst_ref": "ipv4-addr--59e72f54-71a0-422d-86a2-4678950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f54-71a0-422d-86a2-4678950d210f",
"value": "176.111.24.4"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f55-96d0-4426-977a-47f4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f55-96d0-4426-977a-47f4950d210f",
"ipv4-addr--59e72f55-96d0-4426-977a-47f4950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f55-96d0-4426-977a-47f4950d210f",
"dst_ref": "ipv4-addr--59e72f55-96d0-4426-977a-47f4950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f55-96d0-4426-977a-47f4950d210f",
"value": "178.217.117.240"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f55-dd24-4161-853b-4ffd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f55-dd24-4161-853b-4ffd950d210f",
"ipv4-addr--59e72f55-dd24-4161-853b-4ffd950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f55-dd24-4161-853b-4ffd950d210f",
"dst_ref": "ipv4-addr--59e72f55-dd24-4161-853b-4ffd950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f55-dd24-4161-853b-4ffd950d210f",
"value": "178.217.119.241"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f55-2778-4f0a-a3f1-4f46950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f55-2778-4f0a-a3f1-4f46950d210f",
"ipv4-addr--59e72f55-2778-4f0a-a3f1-4f46950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f55-2778-4f0a-a3f1-4f46950d210f",
"dst_ref": "ipv4-addr--59e72f55-2778-4f0a-a3f1-4f46950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f55-2778-4f0a-a3f1-4f46950d210f",
"value": "78.24.219.105"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f56-e4cc-46de-babf-40ee950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f56-e4cc-46de-babf-40ee950d210f",
"ipv4-addr--59e72f56-e4cc-46de-babf-40ee950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f56-e4cc-46de-babf-40ee950d210f",
"dst_ref": "ipv4-addr--59e72f56-e4cc-46de-babf-40ee950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f56-e4cc-46de-babf-40ee950d210f",
"value": "92.63.105.129"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f56-2b80-4eca-a49c-47fb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f56-2b80-4eca-a49c-47fb950d210f",
"ipv4-addr--59e72f56-2b80-4eca-a49c-47fb950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f56-2b80-4eca-a49c-47fb950d210f",
"dst_ref": "ipv4-addr--59e72f56-2b80-4eca-a49c-47fb950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f56-2b80-4eca-a49c-47fb950d210f",
"value": "62.109.30.9"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f56-1da4-43a4-8109-48e0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f56-1da4-43a4-8109-48e0950d210f",
"ipv4-addr--59e72f56-1da4-43a4-8109-48e0950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f56-1da4-43a4-8109-48e0950d210f",
"dst_ref": "ipv4-addr--59e72f56-1da4-43a4-8109-48e0950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f56-1da4-43a4-8109-48e0950d210f",
"value": "82.146.44.189"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f56-4ec4-471e-906a-4c26950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f56-4ec4-471e-906a-4c26950d210f",
"ipv4-addr--59e72f56-4ec4-471e-906a-4c26950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f56-4ec4-471e-906a-4c26950d210f",
"dst_ref": "ipv4-addr--59e72f56-4ec4-471e-906a-4c26950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f56-4ec4-471e-906a-4c26950d210f",
"value": "82.146.60.211"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f56-4bf4-49f5-9a74-4f48950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f56-4bf4-49f5-9a74-4f48950d210f",
"ipv4-addr--59e72f56-4bf4-49f5-9a74-4f48950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f56-4bf4-49f5-9a74-4f48950d210f",
"dst_ref": "ipv4-addr--59e72f56-4bf4-49f5-9a74-4f48950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f56-4bf4-49f5-9a74-4f48950d210f",
"value": "194.87.238.205"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f57-b588-4852-a36f-47bf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f57-b588-4852-a36f-47bf950d210f",
"ipv4-addr--59e72f57-b588-4852-a36f-47bf950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f57-b588-4852-a36f-47bf950d210f",
"dst_ref": "ipv4-addr--59e72f57-b588-4852-a36f-47bf950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f57-b588-4852-a36f-47bf950d210f",
"value": "195.133.49.20"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f57-a81c-49e0-bcb7-43be950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f57-a81c-49e0-bcb7-43be950d210f",
"ipv4-addr--59e72f57-a81c-49e0-bcb7-43be950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f57-a81c-49e0-bcb7-43be950d210f",
"dst_ref": "ipv4-addr--59e72f57-a81c-49e0-bcb7-43be950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f57-a81c-49e0-bcb7-43be950d210f",
"value": "46.17.40.97"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f57-8618-4d95-b822-4ed3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f57-8618-4d95-b822-4ed3950d210f",
"ipv4-addr--59e72f57-8618-4d95-b822-4ed3950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f57-8618-4d95-b822-4ed3950d210f",
"dst_ref": "ipv4-addr--59e72f57-8618-4d95-b822-4ed3950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f57-8618-4d95-b822-4ed3950d210f",
"value": "141.255.167.112"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f57-c1ac-442c-8206-4927950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f57-c1ac-442c-8206-4927950d210f",
"ipv4-addr--59e72f57-c1ac-442c-8206-4927950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f57-c1ac-442c-8206-4927950d210f",
"dst_ref": "ipv4-addr--59e72f57-c1ac-442c-8206-4927950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f57-c1ac-442c-8206-4927950d210f",
"value": "194.87.92.6"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f58-1c20-44dd-92fb-4207950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f58-1c20-44dd-92fb-4207950d210f",
"ipv4-addr--59e72f58-1c20-44dd-92fb-4207950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f58-1c20-44dd-92fb-4207950d210f",
"dst_ref": "ipv4-addr--59e72f58-1c20-44dd-92fb-4207950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f58-1c20-44dd-92fb-4207950d210f",
"value": "62.109.30.96"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f58-2324-47d2-a074-41bd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f58-2324-47d2-a074-41bd950d210f",
"ipv4-addr--59e72f58-2324-47d2-a074-41bd950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f58-2324-47d2-a074-41bd950d210f",
"dst_ref": "ipv4-addr--59e72f58-2324-47d2-a074-41bd950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f58-2324-47d2-a074-41bd950d210f",
"value": "194.87.146.161"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f58-65c8-4585-b7d1-4cfd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f58-65c8-4585-b7d1-4cfd950d210f",
"ipv4-addr--59e72f58-65c8-4585-b7d1-4cfd950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f58-65c8-4585-b7d1-4cfd950d210f",
"dst_ref": "ipv4-addr--59e72f58-65c8-4585-b7d1-4cfd950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f58-65c8-4585-b7d1-4cfd950d210f",
"value": "62.109.4.137"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f58-e044-4c0b-b000-4156950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f58-e044-4c0b-b000-4156950d210f",
"ipv4-addr--59e72f58-e044-4c0b-b000-4156950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f58-e044-4c0b-b000-4156950d210f",
"dst_ref": "ipv4-addr--59e72f58-e044-4c0b-b000-4156950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f58-e044-4c0b-b000-4156950d210f",
"value": "194.87.239.60"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f59-9990-4a31-98c5-4ae4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f59-9990-4a31-98c5-4ae4950d210f",
"ipv4-addr--59e72f59-9990-4a31-98c5-4ae4950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f59-9990-4a31-98c5-4ae4950d210f",
"dst_ref": "ipv4-addr--59e72f59-9990-4a31-98c5-4ae4950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f59-9990-4a31-98c5-4ae4950d210f",
"value": "185.125.46.88"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f59-7e5c-4cf4-b47b-4b29950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f59-7e5c-4cf4-b47b-4b29950d210f",
"ipv4-addr--59e72f59-7e5c-4cf4-b47b-4b29950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f59-7e5c-4cf4-b47b-4b29950d210f",
"dst_ref": "ipv4-addr--59e72f59-7e5c-4cf4-b47b-4b29950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f59-7e5c-4cf4-b47b-4b29950d210f",
"value": "5.101.78.97"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f5a-7ba4-4193-b054-4e95950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f5a-7ba4-4193-b054-4e95950d210f",
"ipv4-addr--59e72f5a-7ba4-4193-b054-4e95950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f5a-7ba4-4193-b054-4e95950d210f",
"dst_ref": "ipv4-addr--59e72f5a-7ba4-4193-b054-4e95950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f5a-7ba4-4193-b054-4e95950d210f",
"value": "185.12.94.101"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f5a-9100-4e2d-9b4b-4f55950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f5a-9100-4e2d-9b4b-4f55950d210f",
"ipv4-addr--59e72f5a-9100-4e2d-9b4b-4f55950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f5a-9100-4e2d-9b4b-4f55950d210f",
"dst_ref": "ipv4-addr--59e72f5a-9100-4e2d-9b4b-4f55950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f5a-9100-4e2d-9b4b-4f55950d210f",
"value": "193.19.119.190"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f5a-f3b0-4020-811b-47ec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f5a-f3b0-4020-811b-47ec950d210f",
"ipv4-addr--59e72f5a-f3b0-4020-811b-47ec950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f5a-f3b0-4020-811b-47ec950d210f",
"dst_ref": "ipv4-addr--59e72f5a-f3b0-4020-811b-47ec950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f5a-f3b0-4020-811b-47ec950d210f",
"value": "179.43.147.232"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f5a-3504-4f2b-9355-42cb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f5a-3504-4f2b-9355-42cb950d210f",
"ipv4-addr--59e72f5a-3504-4f2b-9355-42cb950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f5a-3504-4f2b-9355-42cb950d210f",
"dst_ref": "ipv4-addr--59e72f5a-3504-4f2b-9355-42cb950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f5a-3504-4f2b-9355-42cb950d210f",
"value": "195.133.197.198"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f5b-485c-40b5-9d24-4e21950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f5b-485c-40b5-9d24-4e21950d210f",
"ipv4-addr--59e72f5b-485c-40b5-9d24-4e21950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f5b-485c-40b5-9d24-4e21950d210f",
"dst_ref": "ipv4-addr--59e72f5b-485c-40b5-9d24-4e21950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f5b-485c-40b5-9d24-4e21950d210f",
"value": "188.227.17.104"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e72f5b-b6f4-440f-a463-49a8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59e72f5b-b6f4-440f-a463-49a8950d210f",
"ipv4-addr--59e72f5b-b6f4-440f-a463-49a8950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59e72f5b-b6f4-440f-a463-49a8950d210f",
"dst_ref": "ipv4-addr--59e72f5b-b6f4-440f-a463-49a8950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59e72f5b-b6f4-440f-a463-49a8950d210f",
"value": "194.87.111.47"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e8c90b-2460-43e4-9578-435c02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"description": "- Xchecked via VT: dc2953728cc1b22536049e20b0163934",
"pattern": "[file:hashes.SHA256 = '9f6cce5b4c800f6ee2713efb58c098b2520257cac831288f576a1a4c01c1564b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e8c90b-1764-4868-8203-43a002de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"description": "- Xchecked via VT: dc2953728cc1b22536049e20b0163934",
"pattern": "[file:hashes.SHA1 = '3ca477405129514bb57d427156280d65a5ce49f2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e8c90b-5a50-4a24-9207-417b02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"url--59e8c90b-5a50-4a24-9207-417b02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--59e8c90b-5a50-4a24-9207-417b02de0b81",
"value": "https://www.virustotal.com/file/9f6cce5b4c800f6ee2713efb58c098b2520257cac831288f576a1a4c01c1564b/analysis/1508393753/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e8c90b-53c8-4478-8d86-41c002de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"description": "- Xchecked via VT: ebae928bc0051c735d6facdc347511cb",
"pattern": "[file:hashes.SHA256 = '64aae4b954766b84f8f8fdac62f7b53dcaa61b07031321a027740a4f9f0fe484']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59e8c90b-4384-4e46-bc32-4c4a02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"description": "- Xchecked via VT: ebae928bc0051c735d6facdc347511cb",
"pattern": "[file:hashes.SHA1 = 'b4dc3bcea137ac294bf21728ea5f9b6f14a427cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-19T15:47:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59e8c90b-0fa8-4576-befa-427302de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-19T15:47:23.000Z",
"modified": "2017-10-19T15:47:23.000Z",
"first_observed": "2017-10-19T15:47:23Z",
"last_observed": "2017-10-19T15:47:23Z",
"number_observed": 1,
"object_refs": [
"url--59e8c90b-0fa8-4576-befa-427302de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--59e8c90b-0fa8-4576-befa-427302de0b81",
"value": "https://www.virustotal.com/file/64aae4b954766b84f8f8fdac62f7b53dcaa61b07031321a027740a4f9f0fe484/analysis/1508408563/"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
]
}
Reference in a new issue Copy permalink