adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/5a5df98f-3ea4-4cd5-b1d5-47d5950d210f.json

1576 lines
63 KiB
JSON
Raw Normal View History

chg: [feed] added
2023-04-21 13:25:09 +00:00
{
chg: [feed] feed updated
2023-06-14 17:31:25 +00:00
"type": "bundle",
"id": "bundle--5a5df98f-3ea4-4cd5-b1d5-47d5950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:46:49.000Z",
"modified": "2018-01-16T13:46:49.000Z",
"name": "CthulhuSPRL.be",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5a5df98f-3ea4-4cd5-b1d5-47d5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:46:49.000Z",
"modified": "2018-01-16T13:46:49.000Z",
"name": "OSINT Phantom of the Opaera: New KASPERAGENT Malware Campaign by ThreatConnect",
"published": "2018-01-16T13:46:55Z",
"object_refs": [
"observed-data--5a5dfa7f-3e2c-4d2f-bfa2-62e5950d210f",
"url--5a5dfa7f-3e2c-4d2f-bfa2-62e5950d210f",
"observed-data--5a5dfa7f-fdf0-4b29-b3b6-62e5950d210f",
"url--5a5dfa7f-fdf0-4b29-b3b6-62e5950d210f",
"observed-data--5a5dfa7f-e974-43a9-a4b8-62e5950d210f",
"url--5a5dfa7f-e974-43a9-a4b8-62e5950d210f",
"observed-data--5a5dfa7f-0d38-4c30-bfc2-62e5950d210f",
"url--5a5dfa7f-0d38-4c30-bfc2-62e5950d210f",
"observed-data--5a5dfa7f-215c-42ac-8c84-62e5950d210f",
"url--5a5dfa7f-215c-42ac-8c84-62e5950d210f",
"x-misp-attribute--5a5dfaa7-cb80-4fd8-b424-46c0950d210f",
"indicator--5a5dfab6-c328-44c4-b3e4-bff6950d210f",
"indicator--5a5dfab6-467c-45d8-adf9-bff6950d210f",
"indicator--5a5dfad2-24a0-46cc-9257-46be950d210f",
"indicator--5a5dfad2-3e88-469e-ad8e-4917950d210f",
"indicator--5a5dfaec-a0b8-44c2-8802-c1be950d210f",
"indicator--5a5dfaec-7b28-4d37-89dc-c1be950d210f",
"indicator--5a5dfaec-d4c8-4f95-928c-c1be950d210f",
"indicator--5a5dfb14-0a08-4f8b-abf7-44a3950d210f",
"indicator--5a5dfb15-9e3c-4d8f-9580-4b34950d210f",
"indicator--5a5dfb2f-f3f0-40a4-8746-62e5950d210f",
"indicator--5a5dfb45-d0f0-4f3c-9010-476e950d210f",
"indicator--5a5dfb45-b754-4fc6-9687-4265950d210f",
"observed-data--5a5dfb69-23a8-4879-9a3f-4356950d210f",
"network-traffic--5a5dfb69-23a8-4879-9a3f-4356950d210f",
"ipv4-addr--5a5dfb69-23a8-4879-9a3f-4356950d210f",
"indicator--5a5dfb6a-08c0-4d3a-aff7-4c82950d210f",
"indicator--5a5dfb6a-90e4-423a-8ffa-4c58950d210f",
"indicator--5a5dfb6a-7ad8-4026-94c1-4596950d210f",
"indicator--5a5dfb6b-b78c-4f37-a92f-4db9950d210f",
"indicator--5a5dfb6b-1070-4ec8-9123-4e38950d210f",
"indicator--5a5dfb6c-9bd0-47b2-8f40-44c3950d210f",
"indicator--5a5dfb6c-5b5c-40d0-b251-4f33950d210f",
"indicator--5a5dfb6d-1038-4ce4-8d79-4e4d950d210f",
"indicator--5a5dfb6d-cd94-4687-a84a-44b6950d210f",
"indicator--5a5dfb6d-b354-4f56-a4ff-4a5f950d210f",
"indicator--5a5dfb6e-f0c0-4718-9153-4f79950d210f",
"indicator--5a5dfb6e-2e90-47c2-be61-4411950d210f",
"indicator--5a5dfb8e-8ecc-4905-9fac-4347950d210f",
"indicator--5a5dfb8f-cbf4-42c3-b2b0-4725950d210f",
"indicator--5a5dfb8f-f5e0-4e15-b049-4ae2950d210f",
"indicator--5a5e01af-a050-4383-91ca-4711950d210f",
"indicator--5a5e01b0-9b30-4098-bfa7-4795950d210f",
"indicator--5a5e01b0-2bf0-4137-b3d4-4d9e950d210f",
"indicator--5a5e01b0-1adc-461c-8f3b-4d66950d210f",
"indicator--5a5e01b1-5120-4c22-ad0c-4994950d210f",
"indicator--5a5e01b1-f4d0-48e3-8428-4309950d210f",
"indicator--5a5e01b2-da38-4971-9d68-4954950d210f",
"indicator--5a5e01b2-e094-41be-a734-406d950d210f",
"indicator--5a5e01b3-4240-47b2-b3f1-4b06950d210f",
"indicator--5a5e01b3-e060-4ca3-91d5-414f950d210f",
"indicator--5a5e01b4-1bc8-4cf7-829d-4867950d210f",
"indicator--5a5e01b4-51e0-4f60-8abd-4c21950d210f",
"indicator--5a5e01b4-7958-4e69-b9fb-4e1f950d210f",
"indicator--5a5e01b5-4f6c-435b-bebd-43d5950d210f",
"indicator--5a5e01b5-5af4-4987-b16d-474e950d210f",
"indicator--5a5e01b5-60d8-4c8a-8537-4fe7950d210f",
"indicator--5a5e01b6-cc68-4c40-9bb0-4d91950d210f",
"indicator--5a5e01b6-6de8-4471-8258-4f2c950d210f",
"indicator--5a5e01b7-b8b0-4798-8fa8-4728950d210f",
"indicator--5a5e01b7-9a40-4d83-b384-4238950d210f",
"indicator--5a5e01b7-2c20-4bca-b050-4465950d210f",
"indicator--5a5e01d2-7364-4dbb-85e2-4840950d210f",
"indicator--5a5e01d3-4cac-485a-b6dc-4ca7950d210f",
"indicator--5a5e01d3-ad20-47ac-a406-4641950d210f",
"indicator--5a5e01d3-15a4-48d0-a318-43d8950d210f",
"indicator--5a5e01d4-5f30-4988-a81c-408c950d210f",
"indicator--5a5e01d4-f468-47b9-825b-4a6a950d210f",
"indicator--5a5e01d5-3350-4572-81bb-4840950d210f",
"indicator--5a5e01d5-aa8c-43a8-985e-4944950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"APT",
"type:OSINT",
"osint:source-type=\"blog-post\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a5dfa7f-3e2c-4d2f-bfa2-62e5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:13:35.000Z",
"modified": "2018-01-16T13:13:35.000Z",
"first_observed": "2018-01-16T13:13:35Z",
"last_observed": "2018-01-16T13:13:35Z",
"number_observed": 1,
"object_refs": [
"url--5a5dfa7f-3e2c-4d2f-bfa2-62e5950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a5dfa7f-3e2c-4d2f-bfa2-62e5950d210f",
"value": "https://www.threatconnect.com/blog/kasperagent-malware-campaign/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a5dfa7f-fdf0-4b29-b3b6-62e5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:13:35.000Z",
"modified": "2018-01-16T13:13:35.000Z",
"first_observed": "2018-01-16T13:13:35Z",
"last_observed": "2018-01-16T13:13:35Z",
"number_observed": 1,
"object_refs": [
"url--5a5dfa7f-fdf0-4b29-b3b6-62e5950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a5dfa7f-fdf0-4b29-b3b6-62e5950d210f",
"value": "https://app.threatconnect.com/auth/campaign/campaign.xhtml?campaign=4219181"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a5dfa7f-e974-43a9-a4b8-62e5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:13:35.000Z",
"modified": "2018-01-16T13:13:35.000Z",
"first_observed": "2018-01-16T13:13:35Z",
"last_observed": "2018-01-16T13:13:35Z",
"number_observed": 1,
"object_refs": [
"url--5a5dfa7f-e974-43a9-a4b8-62e5950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a5dfa7f-e974-43a9-a4b8-62e5950d210f",
"value": "https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4219182"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a5dfa7f-0d38-4c30-bfc2-62e5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:13:35.000Z",
"modified": "2018-01-16T13:13:35.000Z",
"first_observed": "2018-01-16T13:13:35Z",
"last_observed": "2018-01-16T13:13:35Z",
"number_observed": 1,
"object_refs": [
"url--5a5dfa7f-0d38-4c30-bfc2-62e5950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a5dfa7f-0d38-4c30-bfc2-62e5950d210f",
"value": "https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4219191"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a5dfa7f-215c-42ac-8c84-62e5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:13:35.000Z",
"modified": "2018-01-16T13:13:35.000Z",
"first_observed": "2018-01-16T13:13:35Z",
"last_observed": "2018-01-16T13:13:35Z",
"number_observed": 1,
"object_refs": [
"url--5a5dfa7f-215c-42ac-8c84-62e5950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5a5dfa7f-215c-42ac-8c84-62e5950d210f",
"value": "https://app.threatconnect.com/auth/incident/incident.xhtml?incident=4219223"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5a5dfaa7-cb80-4fd8-b424-46c0950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:18:43.000Z",
"modified": "2018-01-16T13:18:43.000Z",
"labels": [
"misp:type=\"pdb\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
],
"x_misp_category": "Artifacts dropped",
"x_misp_type": "pdb",
"x_misp_value": "%USERPROFILE%\\Documents\\Visual Studio 2008\\Projects\\New folder (2)\\kasper\\Release\\kasper.pdb"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfab6-c328-44c4-b3e4-bff6950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:14:30.000Z",
"modified": "2018-01-16T13:14:30.000Z",
"pattern": "[file:hashes.MD5 = '6843ae9eac03f69df301d024bfdefc88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:14:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfab6-467c-45d8-adf9-bff6950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:14:30.000Z",
"modified": "2018-01-16T13:14:30.000Z",
"pattern": "[file:hashes.MD5 = '4fe7561f63a71ca73c26cb95b28eaee8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:14:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfad2-24a0-46cc-9257-46be950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:14:58.000Z",
"modified": "2018-01-16T13:14:58.000Z",
"pattern": "[domain-name:value = 'treestower.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:14:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfad2-3e88-469e-ad8e-4917950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:14:58.000Z",
"modified": "2018-01-16T13:14:58.000Z",
"pattern": "[domain-name:value = 'mailsinfo.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:14:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfaec-a0b8-44c2-8802-c1be950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:15:24.000Z",
"modified": "2018-01-16T13:15:24.000Z",
"pattern": "[file:hashes.MD5 = '2de25306a58d8a5b6cbe8d5e2fc5f3c5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:15:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfaec-7b28-4d37-89dc-c1be950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:15:24.000Z",
"modified": "2018-01-16T13:15:24.000Z",
"pattern": "[domain-name:value = 'windowsnewupdates.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:15:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfaec-d4c8-4f95-928c-c1be950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:15:24.000Z",
"modified": "2018-01-16T13:15:24.000Z",
"pattern": "[file:hashes.MD5 = 'c66f88d2d76d79210d568d7ad7896b45']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:15:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb14-0a08-4f8b-abf7-44a3950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:16:04.000Z",
"modified": "2018-01-16T13:16:04.000Z",
"pattern": "[file:hashes.IMPHASH = '0b4e44256788783634a2b1dadf4f9784']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:16:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"imphash\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb15-9e3c-4d8f-9580-4b34950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:16:05.000Z",
"modified": "2018-01-16T13:16:05.000Z",
"pattern": "[file:hashes.IMPHASH = 'e44f0bd2adfb9cbcabcad314d27accfc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:16:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"imphash\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb2f-f3f0-40a4-8746-62e5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:16:31.000Z",
"modified": "2018-01-16T13:16:31.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.154.110.237']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:16:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb45-d0f0-4f3c-9010-476e950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:16:53.000Z",
"modified": "2018-01-16T13:16:53.000Z",
"pattern": "[domain-name:value = 'upfile2box.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:16:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb45-b754-4fc6-9687-4265950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:16:53.000Z",
"modified": "2018-01-16T13:16:53.000Z",
"pattern": "[domain-name:value = '7aga.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:16:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5a5dfb69-23a8-4879-9a3f-4356950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:17:29.000Z",
"modified": "2018-01-16T13:17:29.000Z",
"first_observed": "2018-01-16T13:17:29Z",
"last_observed": "2018-01-16T13:17:29Z",
"number_observed": 1,
"object_refs": [
"network-traffic--5a5dfb69-23a8-4879-9a3f-4356950d210f",
"ipv4-addr--5a5dfb69-23a8-4879-9a3f-4356950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--5a5dfb69-23a8-4879-9a3f-4356950d210f",
"dst_ref": "ipv4-addr--5a5dfb69-23a8-4879-9a3f-4356950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--5a5dfb69-23a8-4879-9a3f-4356950d210f",
"value": "144.76.107.83"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb6a-08c0-4d3a-aff7-4c82950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:17:30.000Z",
"modified": "2018-01-16T13:17:30.000Z",
"pattern": "[domain-name:value = 'www.treestower.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:17:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb6a-90e4-423a-8ffa-4c58950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:17:30.000Z",
"modified": "2018-01-16T13:17:30.000Z",
"pattern": "[domain-name:value = 'www.windowsnewupdates.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:17:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb6a-7ad8-4026-94c1-4596950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:17:30.000Z",
"modified": "2018-01-16T13:17:30.000Z",
"pattern": "[file:hashes.MD5 = '6e853f78c47dfd4cc726a47b0098d1b1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:17:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb6b-b78c-4f37-a92f-4db9950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:17:31.000Z",
"modified": "2018-01-16T13:17:31.000Z",
"pattern": "[file:hashes.MD5 = '6843ae9eac03f69df301d024bfdefc88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:17:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb6b-1070-4ec8-9123-4e38950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:17:31.000Z",
"modified": "2018-01-16T13:17:31.000Z",
"pattern": "[file:hashes.MD5 = '4fe7561f63a71ca73c26cb95b28eaee8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:17:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb6c-9bd0-47b2-8f40-44c3950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:17:32.000Z",
"modified": "2018-01-16T13:17:32.000Z",
"pattern": "[file:hashes.MD5 = 'bf587707b44e46208a53817a4718d384']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:17:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb6c-5b5c-40d0-b251-4f33950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:17:32.000Z",
"modified": "2018-01-16T13:17:32.000Z",
"pattern": "[file:hashes.MD5 = '2de25306a58d8a5b6cbe8d5e2fc5f3c5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:17:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb6d-1038-4ce4-8d79-4e4d950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:17:33.000Z",
"modified": "2018-01-16T13:17:33.000Z",
"pattern": "[url:value = 'http://www.windowsnewupdates.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:17:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb6d-cd94-4687-a84a-44b6950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:17:33.000Z",
"modified": "2018-01-16T13:17:33.000Z",
"pattern": "[url:value = 'http://www.windowsnewupdates.com/dad5/sign.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:17:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb6d-b354-4f56-a4ff-4a5f950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:17:33.000Z",
"modified": "2018-01-16T13:17:33.000Z",
"pattern": "[url:value = 'http://www.treestower.com/images/17457790_12836.jpg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:17:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb6e-f0c0-4718-9153-4f79950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:17:34.000Z",
"modified": "2018-01-16T13:17:34.000Z",
"pattern": "[url:value = 'http://www.windowsnewupdates.com/dad5/addCity.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:17:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb6e-2e90-47c2-be61-4411950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:17:34.000Z",
"modified": "2018-01-16T13:17:34.000Z",
"pattern": "[url:value = 'http://www.windowsnewupdates.com/dad5/town.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:17:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb8e-8ecc-4905-9fac-4347950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:18:06.000Z",
"modified": "2018-01-16T13:18:06.000Z",
"pattern": "[file:hashes.MD5 = '339261a97e4cb123f15c77cb916c0ed2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:18:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb8f-cbf4-42c3-b2b0-4725950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:18:07.000Z",
"modified": "2018-01-16T13:18:07.000Z",
"pattern": "[file:hashes.MD5 = '48f39fe48f6fdae46dda189a904b5ad2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:18:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5dfb8f-f5e0-4e15-b049-4ae2950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:18:07.000Z",
"modified": "2018-01-16T13:18:07.000Z",
"pattern": "[file:hashes.MD5 = 'f6ac341729d42893a06db8d55aaaabae']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:18:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01af-a050-4383-91ca-4711950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:15.000Z",
"modified": "2018-01-16T13:44:15.000Z",
"pattern": "[file:hashes.MD5 = '53135d1b2488ce356a9dfbbfa717dd8a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b0-9b30-4098-bfa7-4795950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:16.000Z",
"modified": "2018-01-16T13:44:16.000Z",
"pattern": "[file:hashes.MD5 = '30bfc2f4776451fb04fe272e372db82f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b0-2bf0-4137-b3d4-4d9e950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:16.000Z",
"modified": "2018-01-16T13:44:16.000Z",
"pattern": "[file:hashes.MD5 = '0734f5ff152d851a4c0655d06cc43530']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b0-1adc-461c-8f3b-4d66950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:16.000Z",
"modified": "2018-01-16T13:44:16.000Z",
"pattern": "[file:hashes.MD5 = 'a3fc6b4fed7c1d5ffd242ed39a9f6c8f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b1-5120-4c22-ad0c-4994950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:17.000Z",
"modified": "2018-01-16T13:44:17.000Z",
"pattern": "[file:hashes.MD5 = 'fbf143b2d34c43bf50d713054f5b6035']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b1-f4d0-48e3-8428-4309950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:17.000Z",
"modified": "2018-01-16T13:44:17.000Z",
"pattern": "[file:hashes.MD5 = '568b97515f969b14bc727e8961fd65c9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b2-da38-4971-9d68-4954950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:18.000Z",
"modified": "2018-01-16T13:44:18.000Z",
"pattern": "[file:hashes.MD5 = '135d87dc18f703238eca6e360dd6e050']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b2-e094-41be-a734-406d950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:18.000Z",
"modified": "2018-01-16T13:44:18.000Z",
"pattern": "[file:hashes.MD5 = '73148c69c283eb85517419c4b7e60c46']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b3-4240-47b2-b3f1-4b06950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:19.000Z",
"modified": "2018-01-16T13:44:19.000Z",
"pattern": "[file:hashes.MD5 = '96cc23b77c36cec0c34ade9b740b7b87']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b3-e060-4ca3-91d5-414f950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:19.000Z",
"modified": "2018-01-16T13:44:19.000Z",
"pattern": "[file:hashes.MD5 = '32747103d34b6e773f81e24091d8e80d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b4-1bc8-4cf7-829d-4867950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:20.000Z",
"modified": "2018-01-16T13:44:20.000Z",
"pattern": "[file:hashes.MD5 = '8ff090029aaf77c16d4a24fef6393264']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b4-51e0-4f60-8abd-4c21950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:20.000Z",
"modified": "2018-01-16T13:44:20.000Z",
"pattern": "[file:hashes.MD5 = '7ed9addc8ee29425551e673f4a8d7f2a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b4-7958-4e69-b9fb-4e1f950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:20.000Z",
"modified": "2018-01-16T13:44:20.000Z",
"pattern": "[file:hashes.MD5 = '85349063104b084ffb24d09d4c6e4bd7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b5-4f6c-435b-bebd-43d5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:21.000Z",
"modified": "2018-01-16T13:44:21.000Z",
"pattern": "[file:hashes.MD5 = 'ae6afaf92e7cf3689ca74b6350f0a9fa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b5-5af4-4987-b16d-474e950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:21.000Z",
"modified": "2018-01-16T13:44:21.000Z",
"pattern": "[file:hashes.MD5 = 'e673c6e1d6c546c5c4abb8124ffe505b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b5-60d8-4c8a-8537-4fe7950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:21.000Z",
"modified": "2018-01-16T13:44:21.000Z",
"pattern": "[file:hashes.MD5 = '34d04aaa2c2b2455c9f988f2de5fab04']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b6-cc68-4c40-9bb0-4d91950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:22.000Z",
"modified": "2018-01-16T13:44:22.000Z",
"pattern": "[file:hashes.MD5 = 'b8fb0f329654ec91cc6931667c4a3e39']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b6-6de8-4471-8258-4f2c950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:22.000Z",
"modified": "2018-01-16T13:44:22.000Z",
"pattern": "[file:hashes.MD5 = 'd8fad23d13d5247484ce129cee85cc5e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b7-b8b0-4798-8fa8-4728950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:23.000Z",
"modified": "2018-01-16T13:44:23.000Z",
"pattern": "[file:hashes.MD5 = 'a9caa2009bc2b4cd078f193d0c5a80b0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b7-9a40-4d83-b384-4238950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:23.000Z",
"modified": "2018-01-16T13:44:23.000Z",
"pattern": "[file:hashes.MD5 = '9afcf5029f67230514d366d212d375a5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01b7-2c20-4bca-b050-4465950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:23.000Z",
"modified": "2018-01-16T13:44:23.000Z",
"pattern": "[file:hashes.MD5 = '0e2aa5771dc87ca50d04efe5826aaf5c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01d2-7364-4dbb-85e2-4840950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:50.000Z",
"modified": "2018-01-16T13:44:50.000Z",
"pattern": "[file:hashes.MD5 = '6bb42841c16ab82e3acc63c7a6d87801']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01d3-4cac-485a-b6dc-4ca7950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:51.000Z",
"modified": "2018-01-16T13:44:51.000Z",
"pattern": "[file:hashes.MD5 = 'a8fc19b2c8efe81b09813292d31ec1eb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01d3-ad20-47ac-a406-4641950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:51.000Z",
"modified": "2018-01-16T13:44:51.000Z",
"pattern": "[file:hashes.MD5 = '980b1125805ccc351f3abde4fce133e0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01d3-15a4-48d0-a318-43d8950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:51.000Z",
"modified": "2018-01-16T13:44:51.000Z",
"pattern": "[file:hashes.MD5 = '016eb6d8dad949c95bc2929f80d174b3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01d4-5f30-4988-a81c-408c950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:52.000Z",
"modified": "2018-01-16T13:44:52.000Z",
"pattern": "[file:hashes.MD5 = '200c6f2b28dc75d8454dedd85b23bc56']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01d4-f468-47b9-825b-4a6a950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:52.000Z",
"modified": "2018-01-16T13:44:52.000Z",
"pattern": "[file:hashes.MD5 = '5d44e3a13d8c976d30178688e8535ec5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01d5-3350-4572-81bb-4840950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:53.000Z",
"modified": "2018-01-16T13:44:53.000Z",
"pattern": "[file:hashes.MD5 = 'cd27b0a11e6eb4006d7be41df850b9ee']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5a5e01d5-aa8c-43a8-985e-4944950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2018-01-16T13:44:53.000Z",
"modified": "2018-01-16T13:44:53.000Z",
"pattern": "[file:hashes.MD5 = '8adcc9e5e9137612418b6042f028640e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-01-16T13:44:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
]
}
Reference in a new issue Copy permalink