2023-04-21 13:25:09 +00:00
|
|
|
{
|
2023-06-14 17:31:25 +00:00
|
|
|
"type": "bundle",
|
|
|
|
"id": "bundle--5b577bf2-48d4-492f-bd9d-c7f90acd0835",
|
|
|
|
"objects": [
|
|
|
|
{
|
|
|
|
"type": "identity",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:25:22.000Z",
|
|
|
|
"modified": "2018-07-24T19:25:22.000Z",
|
|
|
|
"name": "Synovus Financial",
|
|
|
|
"identity_class": "organization"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "report",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "report--5b577bf2-48d4-492f-bd9d-c7f90acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:25:22.000Z",
|
|
|
|
"modified": "2018-07-24T19:25:22.000Z",
|
|
|
|
"name": "Hancitor Intel",
|
|
|
|
"published": "2018-07-24T19:25:51Z",
|
|
|
|
"object_refs": [
|
|
|
|
"indicator--5b577c11-54a0-4666-8bad-c8280acd0835",
|
|
|
|
"indicator--5b577c11-f024-45c3-8682-c8280acd0835",
|
|
|
|
"indicator--5b577c11-0224-4676-99d1-c8280acd0835",
|
|
|
|
"indicator--5b577c5b-0888-42d9-8194-c89e0acd0835",
|
|
|
|
"indicator--5b577c5b-10e8-4569-b67a-c89e0acd0835",
|
|
|
|
"indicator--5b577c5b-88e4-431f-814b-c89e0acd0835",
|
|
|
|
"indicator--5b577c5b-220c-4c7c-98f6-c89e0acd0835",
|
|
|
|
"indicator--5b577c5b-59d4-44d0-9fc3-c89e0acd0835",
|
|
|
|
"indicator--5b577c5b-af4c-454b-82c5-c89e0acd0835",
|
|
|
|
"indicator--5b577c5b-ac38-4ead-868a-c89e0acd0835",
|
|
|
|
"indicator--5b577c5b-a59c-460c-acaf-c89e0acd0835",
|
|
|
|
"indicator--5b577c5b-19b0-4b71-86ae-c89e0acd0835",
|
|
|
|
"indicator--5b577c5b-a550-4024-86d8-c89e0acd0835",
|
|
|
|
"indicator--5b577c5b-2fd8-48fa-b4ac-c89e0acd0835",
|
|
|
|
"indicator--5b577c5b-1a78-403c-bf9b-c89e0acd0835",
|
|
|
|
"indicator--5b577c5b-b9b4-4579-80eb-c89e0acd0835",
|
|
|
|
"indicator--5b577c5b-0dd4-4803-b621-c89e0acd0835",
|
|
|
|
"indicator--5b577c5b-8158-48bf-b044-c89e0acd0835",
|
|
|
|
"indicator--5b577c7d-8794-4eaf-83a0-c89e0acd0835",
|
|
|
|
"indicator--5b577c7d-68c4-4d27-b4bb-c89e0acd0835",
|
|
|
|
"indicator--5b577c7d-d8ac-4fe5-bee1-c89e0acd0835",
|
|
|
|
"indicator--5b577ca8-7640-435f-8458-c7f90acd0835",
|
|
|
|
"indicator--5b577cc7-670c-4338-84d3-c89e0acd0835"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"Threat-Report",
|
|
|
|
"misp:tool=\"MISP-STIX-Converter\"",
|
|
|
|
"osint:source-type=\"pastie-website\"",
|
|
|
|
"misp-galaxy:tool=\"Hancitor\"",
|
|
|
|
"misp-galaxy:banker=\"Panda Banker\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c11-54a0-4666-8bad-c8280acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:20:49.000Z",
|
|
|
|
"modified": "2018-07-24T19:20:49.000Z",
|
|
|
|
"description": "C2",
|
|
|
|
"pattern": "[url:value = 'http://recsincalge.com/4/forum.php']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:20:49Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
" C2"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c11-f024-45c3-8682-c8280acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:20:49.000Z",
|
|
|
|
"modified": "2018-07-24T19:20:49.000Z",
|
|
|
|
"description": "C2",
|
|
|
|
"pattern": "[url:value = 'http://wohislinghes.ru/4/forum.php']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:20:49Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
" C2"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c11-0224-4676-99d1-c8280acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:20:49.000Z",
|
|
|
|
"modified": "2018-07-24T19:20:49.000Z",
|
|
|
|
"description": "C2",
|
|
|
|
"pattern": "[url:value = 'http://buthissandwil.ru/4/forum.php']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:20:49Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
" C2"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c5b-0888-42d9-8194-c89e0acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:22:03.000Z",
|
|
|
|
"modified": "2018-07-24T19:22:03.000Z",
|
|
|
|
"pattern": "[url:value = 'http://jamble.org/wp-content/plugins/site-is-offline-plugin/12']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:22:03Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
"Download"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c5b-10e8-4569-b67a-c89e0acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:22:03.000Z",
|
|
|
|
"modified": "2018-07-24T19:22:03.000Z",
|
|
|
|
"pattern": "[url:value = 'http://nyconstructionaccidentattorneys.net/wp-content/plugins/really-simple-captcha/12']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:22:03Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
"Download"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c5b-88e4-431f-814b-c89e0acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:22:03.000Z",
|
|
|
|
"modified": "2018-07-24T19:22:03.000Z",
|
|
|
|
"pattern": "[url:value = 'http://k317.org/wp-content/plugins/subscribe2/12']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:22:03Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
"Download"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c5b-220c-4c7c-98f6-c89e0acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:22:03.000Z",
|
|
|
|
"modified": "2018-07-24T19:22:03.000Z",
|
|
|
|
"pattern": "[url:value = 'http://saferoomreviews.com/wp-content/plugins/woocommerce/classes/12']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:22:03Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
"Download"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c5b-59d4-44d0-9fc3-c89e0acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:22:03.000Z",
|
|
|
|
"modified": "2018-07-24T19:22:03.000Z",
|
|
|
|
"pattern": "[url:value = 'http://thesmartdinar.com/wp-content/plugins/facebook-like-box-widget/12']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:22:03Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
"Download"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c5b-af4c-454b-82c5-c89e0acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:22:03.000Z",
|
|
|
|
"modified": "2018-07-24T19:22:03.000Z",
|
|
|
|
"pattern": "[url:value = 'http://jamble.org/wp-content/plugins/site-is-offline-plugin/2']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:22:03Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
"Download"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c5b-ac38-4ead-868a-c89e0acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:22:03.000Z",
|
|
|
|
"modified": "2018-07-24T19:22:03.000Z",
|
|
|
|
"pattern": "[url:value = 'http://nyconstructionaccidentattorneys.net/wp-content/plugins/really-simple-captcha/2']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:22:03Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
"Download"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c5b-a59c-460c-acaf-c89e0acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:22:03.000Z",
|
|
|
|
"modified": "2018-07-24T19:22:03.000Z",
|
|
|
|
"pattern": "[url:value = 'http://k317.org/wp-content/plugins/subscribe2/2']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:22:03Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
"Download"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c5b-19b0-4b71-86ae-c89e0acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:22:03.000Z",
|
|
|
|
"modified": "2018-07-24T19:22:03.000Z",
|
|
|
|
"pattern": "[url:value = 'http://saferoomreviews.com/wp-content/plugins/woocommerce/classes/2']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:22:03Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
"Download"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c5b-a550-4024-86d8-c89e0acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:22:03.000Z",
|
|
|
|
"modified": "2018-07-24T19:22:03.000Z",
|
|
|
|
"pattern": "[url:value = 'http://thesmartdinar.com/wp-content/plugins/facebook-like-box-widget/2']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:22:03Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
"Download"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c5b-2fd8-48fa-b4ac-c89e0acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:22:03.000Z",
|
|
|
|
"modified": "2018-07-24T19:22:03.000Z",
|
|
|
|
"pattern": "[url:value = 'http://jamble.org/wp-content/plugins/site-is-offline-plugin/3']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:22:03Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
"Download"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c5b-1a78-403c-bf9b-c89e0acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:22:03.000Z",
|
|
|
|
"modified": "2018-07-24T19:22:03.000Z",
|
|
|
|
"pattern": "[url:value = 'http://nyconstructionaccidentattorneys.net/wp-content/plugins/really-simple-captcha/3']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:22:03Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
"Download"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c5b-b9b4-4579-80eb-c89e0acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:22:03.000Z",
|
|
|
|
"modified": "2018-07-24T19:22:03.000Z",
|
|
|
|
"pattern": "[url:value = 'http://k317.org/wp-content/plugins/subscribe2/3']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:22:03Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
"Download"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c5b-0dd4-4803-b621-c89e0acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:22:03.000Z",
|
|
|
|
"modified": "2018-07-24T19:22:03.000Z",
|
|
|
|
"pattern": "[url:value = 'http://saferoomreviews.com/wp-content/plugins/woocommerce/classes/3']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:22:03Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
"Download"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c5b-8158-48bf-b044-c89e0acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:22:03.000Z",
|
|
|
|
"modified": "2018-07-24T19:22:03.000Z",
|
|
|
|
"pattern": "[url:value = 'http://thesmartdinar.com/wp-content/plugins/facebook-like-box-widget/3']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:22:03Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
"Download"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c7d-8794-4eaf-83a0-c89e0acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:22:37.000Z",
|
|
|
|
"modified": "2018-07-24T19:22:37.000Z",
|
|
|
|
"description": "C2",
|
|
|
|
"pattern": "[url:value = 'http://recsincalge.com/d2/about.php']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:22:37Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
" C2"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c7d-68c4-4d27-b4bb-c89e0acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:22:37.000Z",
|
|
|
|
"modified": "2018-07-24T19:22:37.000Z",
|
|
|
|
"description": "C2",
|
|
|
|
"pattern": "[url:value = 'http://wohislinghes.ru/d2/about.php']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:22:37Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
" C2"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577c7d-d8ac-4fe5-bee1-c89e0acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:22:37.000Z",
|
|
|
|
"modified": "2018-07-24T19:22:37.000Z",
|
|
|
|
"description": "C2",
|
|
|
|
"pattern": "[url:value = 'http://buthissandwil.ru/d2/about.php']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:22:37Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
" C2"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577ca8-7640-435f-8458-c7f90acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:23:20.000Z",
|
|
|
|
"modified": "2018-07-24T19:23:20.000Z",
|
|
|
|
"description": "C2",
|
|
|
|
"pattern": "[url:value = 'http://hadsparmirat.com/index.php']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:23:20Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
" C2"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5b577cc7-670c-4338-84d3-c89e0acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-07-24T19:23:51.000Z",
|
|
|
|
"modified": "2018-07-24T19:23:51.000Z",
|
|
|
|
"description": "Panda Banker",
|
|
|
|
"pattern": "[url:value = 'https://linghapsittoft.ru']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-07-24T19:23:51Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\"",
|
|
|
|
"Panda Banker"
|
|
|
|
]
|
|
|
|
}
|
2023-04-21 13:25:09 +00:00
|
|
|
]
|
|
|
|
}
|