misp-circl-feed/feeds/circl/misp/b0135754-b115-47c4-811c-e6840fe03f50.json

2442 lines
101 KiB
JSON
Raw Normal View History

2023-12-14 13:47:04 +00:00
{
"type": "bundle",
"id": "bundle--b0135754-b115-47c4-811c-e6840fe03f50",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:37:06.000Z",
"modified": "2023-06-21T11:37:06.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--b0135754-b115-47c4-811c-e6840fe03f50",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:37:06.000Z",
"modified": "2023-06-21T11:37:06.000Z",
"name": "Serverless InfoStealer delivered in Est European Countries",
"published": "2023-07-12T12:46:03Z",
"object_refs": [
"indicator--32089aee-e968-4036-81ba-7624c35ac4d7",
"indicator--630568fd-a16f-4923-b962-8cd4501da921",
"indicator--8d6c5ed1-d204-4162-9a77-48d8ecce0bae",
"indicator--b8419835-5db0-46da-862c-a33bcdf87ae8",
"indicator--32aaa5eb-08ff-4692-905d-3a9299c82689",
"indicator--d6cdd00c-6cf1-4508-a334-c1675389c4a1",
"indicator--9bb9ce3d-4c87-4219-8dd9-c06451060545",
"indicator--8756bc58-f42c-4a7f-b871-4b0f43ca2f7d",
"indicator--e08a796c-8241-41f5-a0f9-f44d041bf61d",
"indicator--6c67ea83-da1f-428f-b8b1-555c5a592098",
"indicator--d12a405a-4d7e-4fb7-8c91-1e548af5c7fd",
"indicator--650497e7-700d-4b67-a051-e49e6839a537",
"indicator--b03e958f-4e52-4af2-b54f-556a3d4d282c",
"indicator--0798a83f-44c4-4634-a2f7-b6ecd8b2da0e",
"indicator--684fb21a-5b06-4aa4-8bfe-84f2fa5ac53f",
"indicator--e572f482-7f0c-4529-9c2f-2e4a22658916",
"indicator--6ed047d8-0795-4ec0-bb7a-ebe14c6ff0ec",
"indicator--4737f676-4ff6-4e82-94f0-9102eecec537",
"indicator--d4d540c5-f33f-484d-b06f-fac919ecb26b",
"indicator--44d29af2-c1d6-4d07-80c8-946e7ed0c6cb",
"indicator--d33e7116-1ba7-49e5-abb5-9acf804a9587",
"indicator--da3189cc-0235-484f-8e85-977fb1a61d73",
"indicator--3404c521-413b-4e73-9fa7-e82ce9376f94",
"indicator--892d430e-0ca6-4ce3-9439-8e8b075f91e6",
"indicator--76ff4fc7-0106-4a1c-a63a-ca3472e06907",
"indicator--2c893001-4778-4534-bab8-a6c850f47dfc",
"indicator--01af4767-33bc-4aba-9973-6a353cf5fb23",
"indicator--5e5b9a25-2628-47be-8eeb-cdeef3f9d37f",
"indicator--1b5726d6-3d8f-4b47-b3ef-56235ccdce9f",
"indicator--dc902153-1115-4531-ba86-757cc9dc5faa",
"indicator--461e1888-aaa6-4102-908e-180c14af2cb3",
"indicator--489aa087-aac8-4054-8e17-1abb1ec7a59a",
"indicator--96a96090-6a9a-423a-9324-996c005570ca",
"indicator--0d6f1f05-eceb-4ab8-b8bd-c4749ae2d79a",
"indicator--358c78da-7fe5-44f6-a565-d4a1cf951e34",
"indicator--2f004a3e-d63f-4130-bda9-3ebd027256a9",
"indicator--7969287f-795d-4366-a389-05cd0fc2d6b4",
"indicator--b0eab0d8-740b-4ff4-965c-859d99c71ddd",
"indicator--9db74dc5-3f89-400a-9d04-2d1722bc14bb",
"indicator--137206b4-41e7-49a8-b8a7-15f04a3f0f51",
"indicator--b455dce0-4048-453f-a0ef-9fec55e74505",
"indicator--031ce0aa-1884-4419-92c5-a5f2f299d279",
"indicator--22a021ca-484b-4818-8f97-39c264c0004f",
"indicator--38ff91e7-5d34-43b5-92cc-4ba1fe0b09a4",
"indicator--87e83393-5003-478e-9085-ade6c2762d09",
"indicator--cbb6d961-abc3-43aa-8e25-f77c15dd710e",
"indicator--85ba72a9-3a60-4979-bfbf-ef263bc4160c",
"indicator--f85057a4-3d7e-43c7-bf69-a5b7b7f84ae6",
"indicator--8ad343a2-3853-4287-8918-2659eca905cc",
"indicator--6ed9fe69-d3d5-4876-95de-5559f3083639",
"indicator--68059aa3-b7f5-405c-b49e-64535aa3f928",
"indicator--c2f6630d-41bb-45ba-97f7-745091064e38",
"indicator--27a2e274-3a77-4c26-b0fe-f657823ebb8d",
"indicator--3937a026-6732-4b7d-abb2-85d29c590a1d",
"indicator--780ae267-d937-4acd-a291-95777bc324b5",
"indicator--1fac7fd2-1168-4a1f-945c-f0ee32dfb502",
"indicator--48903724-1866-454b-889b-5ce503d0d571",
"indicator--34a61b72-2558-4259-9cff-ca63f27078ed",
"indicator--754e5066-1cf1-4043-9213-ebfe4047372c",
"indicator--87903ba3-0efc-468f-ac75-52898b7e8f73",
"indicator--14a3d130-019a-44ec-8748-3a413daa0eea",
"indicator--514c5895-c0be-4be5-afff-966e646e8a15",
"indicator--f3727a52-8a65-4981-88f6-e59a19859276",
"indicator--f56444b5-bdf9-4797-b119-d498ca952a2b",
"indicator--125c6d4e-f6d4-418f-906c-52d84f1e7716",
"indicator--2a40d59f-db23-4321-9d8c-c42c975bfeb1",
"indicator--bf4b8df7-30ab-47b7-8ab1-7613904b16f1",
"indicator--b5d5d93a-efe0-4b92-a598-f0469238c1d8",
"indicator--6fa62a80-10d3-4231-8a91-93821b26d441",
"indicator--7194dc14-19a1-4e15-b6c4-e719d2173fe0",
"indicator--37e5410d-b856-407f-87f9-8af2b9d5e912",
"indicator--2363aa94-f60a-42bf-bea3-a991125de5aa",
"indicator--4921aa93-bf1f-482f-8c45-86493772fb90",
"indicator--e18c8e9e-a022-4d12-9fc1-a459bdcea74c",
"indicator--d80daa77-cafc-4a98-980e-32d6c4a49510",
"indicator--a0d545d3-2b52-4c76-a9b2-e8812eb70bfa",
"indicator--18612900-27a4-4e2c-b1a1-bdfa8550108e",
"indicator--851bb9d1-2476-401a-a4f3-159d373eae4c",
"indicator--59291766-0fde-4d8b-bf2e-e6717da8de96",
"indicator--38714092-3e5e-4cd1-9033-05f1a6bcd33b",
"indicator--de80555f-cbfd-410f-86f1-f5079e658295",
"indicator--7201dd76-373a-4ef3-ae32-ed5e2d9954b4",
"indicator--60d47caf-e4a8-40c9-9bd2-1d95bcc979cf",
"indicator--c70724eb-b1a5-431c-92cb-63d501c114ed",
"indicator--274428fa-9e17-4088-9180-80d7b0928cdb",
"indicator--04eef561-3636-43cc-858c-3664aa62f0ba",
"indicator--528e61dd-f4ed-4771-b6d5-1afac360565b",
"indicator--d4ff3f40-de55-46f1-8c6b-c1ab576707c0",
"indicator--a885c8ec-1181-4c63-860d-51c900e368ea",
"indicator--5f57c44c-f15e-4da3-b506-49a2b55ac7ed",
"indicator--6c8187a6-aebf-4c7a-9dbb-5544994f6df9",
"indicator--9edae6cf-b14a-4342-b86c-0514f9801aa7",
"indicator--770e7b1a-7aa9-48a5-b59f-9da26a65fdaa",
"indicator--23c9db84-2c6e-4d2f-b276-b1a045f5611f",
"indicator--dbd6f45e-3c19-455c-b011-865719bd32ce",
"indicator--92197b09-0f1a-4407-b999-52c680bf03aa",
"x-misp-object--af3be992-38a1-4658-83ef-815740dddd20",
"indicator--1bf76bf3-2ac7-432d-8632-da0a3f879e2e",
"indicator--9b0fd0fa-4b8f-4b68-8297-6060e5956dad"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\"",
"tlp:clear"
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--32089aee-e968-4036-81ba-7624c35ac4d7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-20T11:45:46.000Z",
"modified": "2023-06-20T11:45:46.000Z",
"pattern": "[file:name = 'hulalalMCROSOFT.vbs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-20T11:45:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--630568fd-a16f-4923-b962-8cd4501da921",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T08:29:08.000Z",
"modified": "2023-06-21T08:29:08.000Z",
"pattern": "[url:value = 'http://crypters.coolpage.biz/rumps/Rumppp.txt']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T08:29:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8d6c5ed1-d204-4162-9a77-48d8ecce0bae",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T08:29:08.000Z",
"modified": "2023-06-21T08:29:08.000Z",
"pattern": "[url:value = 'https://bitbucket.org/!api/2.0/snippets/hogya/KpMMLg/a2975578cff84cf6c198f055b21a7a6e3f14cd15/files/rotyh12']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T08:29:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b8419835-5db0-46da-862c-a33bcdf87ae8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T08:29:08.000Z",
"modified": "2023-06-21T08:29:08.000Z",
"description": "hogya - harsh singh",
"pattern": "[url:value = 'https://bitbucket.org/hogya/workspace/snippets/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T08:29:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--32aaa5eb-08ff-4692-905d-3a9299c82689",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T08:29:08.000Z",
"modified": "2023-06-21T08:29:08.000Z",
"description": "choasknight",
"pattern": "[url:value = 'https://bitbucket.org/choasknight/workspace/snippets/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T08:29:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d6cdd00c-6cf1-4508-a334-c1675389c4a1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:12:29.000Z",
"modified": "2023-06-21T10:12:29.000Z",
"pattern": "[url:value = 'https://1230948\\\\%1230948\\\\%1230948\\\\%1230948\\\\%1230948\\\\%1230948@bitly.]com/dsasabshjkahsadnjksalhndjksa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:12:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9bb9ce3d-4c87-4219-8dd9-c06451060545",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/dghiaksgdbshagdh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8756bc58-f42c-4a7f-b871-4b0f43ca2f7d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/etwuiqdbshadbsgha']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e08a796c-8241-41f5-a0f9-f44d041bf61d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/etyqwuidgshaja']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6c67ea83-da1f-428f-b8b1-555c5a592098",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/etywuiqdbhsnadg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d12a405a-4d7e-4fb7-8c91-1e548af5c7fd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/etywuiqdhbsgjj']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--650497e7-700d-4b67-a051-e49e6839a537",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/etywuiqdhjkasdnbvh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b03e958f-4e52-4af2-b54f-556a3d4d282c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/eyuiasdbnjkasdhkashd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0798a83f-44c4-4634-a2f7-b6ecd8b2da0e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/eyuiqwdbhasgdjsha']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--684fb21a-5b06-4aa4-8bfe-84f2fa5ac53f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/eyuiqwdhjkasdbsadgb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e572f482-7f0c-4529-9c2f-2e4a22658916",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/eyuiqwdhksbgjsha']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6ed047d8-0795-4ec0-bb7a-ebe14c6ff0ec",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/eyuiqwdhsgaddasvdj']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4737f676-4ff6-4e82-94f0-9102eecec537",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/eyuiqwhdjkasdghj']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d4d540c5-f33f-484d-b06f-fac919ecb26b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/eywuiqdbnamsdgjh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--44d29af2-c1d6-4d07-80c8-946e7ed0c6cb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/eywuiqdhjkasdbgmh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d33e7116-1ba7-49e5-abb5-9acf804a9587",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/eywuiqdhnjkasbdjsghah']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--da3189cc-0235-484f-8e85-977fb1a61d73",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/qywuiehasgdshaj']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3404c521-413b-4e73-9fa7-e82ce9376f94",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/twyiqgshagsja']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--892d430e-0ca6-4ce3-9439-8e8b075f91e6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/yeuioqwhdkjasgd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--76ff4fc7-0106-4a1c-a63a-ca3472e06907",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/yeuiwqhdbasnvgjha']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2c893001-4778-4534-bab8-a6c850f47dfc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:28:12.000Z",
"modified": "2023-06-21T10:28:12.000Z",
"pattern": "[url:value = 'https://bitly.com/yqweikkajsbdjsgadhasdbg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:28:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--01af4767-33bc-4aba-9973-6a353cf5fb23",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:53:59.000Z",
"modified": "2023-06-21T10:53:59.000Z",
"pattern": "[url:value = 'https://madarbloghogya.blogspot.com/p/longdickback1.]html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:53:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5e5b9a25-2628-47be-8eeb-cdeef3f9d37f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:53:59.000Z",
"modified": "2023-06-21T10:53:59.000Z",
"pattern": "[url:value = 'https://madarbloghogya.blogspot.com/p/rothwellback.]html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:53:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1b5726d6-3d8f-4b47-b3ef-56235ccdce9f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/bxkkpz/4118f44550b85bec2ae65d3e55bf77b2101991c8/files/calib111']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dc902153-1115-4531-ba86-757cc9dc5faa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/dxkkpr/2a7b31d0309cf290a0a4c692077fd013669991b2/files/charles11']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--461e1888-aaa6-4102-908e-180c14af2cb3",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/7XkkMb/3cb71404b16fd36f48bb66d71c61d6055fe8fbd3/files/dark1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--489aa087-aac8-4054-8e17-1abb1ec7a59a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/qXkkMx/5b19e6bac2c7b95e36211bb737603c38bcc64885/files/ghul1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--96a96090-6a9a-423a-9324-996c005570ca",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/Epgg7x/90823c7b15d8d3c9aa74b74766a264f2cdaff147/files/long11']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0d6f1f05-eceb-4ab8-b8bd-c4749ae2d79a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/kxqqjX/1cf020a5bcfd0f3a613b1356558b4e5c67136435/files/mrk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--358c78da-7fe5-44f6-a565-d4a1cf951e34",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/yXEEMa/2c4fbe9f83764ed4c53961886e563861399257d5/files/muti']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2f004a3e-d63f-4130-bda9-3ebd027256a9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/A9MM7b/b1f5d79e5438016d91d7a42680532aed1cff8657/files/qw2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7969287f-795d-4366-a389-05cd0fc2d6b4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/KpMMLg/a2975578cff84cf6c198f055b21a7a6e3f14cd15/files/rotyh12']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b0eab0d8-740b-4ff4-965c-859d99c71ddd",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/rXEEgk/81cf1a8c4f8ec324adf7e8729c8c19d6f3191d34/files/van1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9db74dc5-3f89-400a-9d04-2d1722bc14bb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/7Xkkdr/71b71d4e957ac56cd5bc6d1558b81f44210cd884/files/calib-1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--137206b4-41e7-49a8-b8a7-15f04a3f0f51",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/KpMMLe/b4e47bf432d722a20ecd7b8d532de88c5274468e/files/charles123']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b455dce0-4048-453f-a0ef-9fec55e74505",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/rXEEgA/236882c179c87120ea611078d65f6af854a3da76/files/dark123']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--031ce0aa-1884-4419-92c5-a5f2f299d279",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/nxkkbx/b985a138bfcc230075309d6393d9a77a013146d2/files/ghul123']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--22a021ca-484b-4818-8f97-39c264c0004f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/yXEEdx/fd5b2f66e22535e681f5d9b75f380f15645e8ea5/files/long132']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--38ff91e7-5d34-43b5-92cc-4ba1fe0b09a4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/KpMMLk/30b96224276ce0482b9ca6a8e8d51b1a80af06dc/files/mrk123']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--87e83393-5003-478e-9085-ade6c2762d09",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/rXEEgg/947b59abdf17355aa212f65cc26ed3a0a694dd30/files/muti001']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--cbb6d961-abc3-43aa-8e25-f77c15dd710e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/nxkkbj/93313de40a32b1c85bf7c5ef52d103808e400c89/files/qwe22']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--85ba72a9-3a60-4979-bfbf-ef263bc4160c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/LpMMnx/78c83d16ba68da5bd2cdc3a25e26e367c7b10f05/files/roth123']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f85057a4-3d7e-43c7-bf69-a5b7b7f84ae6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/qXkkda/da9c321b635563490e760230601e6da016df6172/files/van123']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8ad343a2-3853-4287-8918-2659eca905cc",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/kxqqay/1b716492745a665eea93dd18261a7a3c9f8ac85f/files/reza']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6ed9fe69-d3d5-4876-95de-5559f3083639",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/hogya/exEE5y/c407ebf390895c289726d38e17ace212689e34f8/files/reza-111']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--68059aa3-b7f5-405c-b49e-64535aa3f928",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/choasknight/6XEXAo/6602fb280c0f18337286988b9af658023a7cc994/files/test']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c2f6630d-41bb-45ba-97f7-745091064e38",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/choasknight/kxqxxA/5864261b6610d863302b06c528fe1a85d4db7072/files/darkhorse']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--27a2e274-3a77-4c26-b0fe-f657823ebb8d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T10:55:20.000Z",
"modified": "2023-06-21T10:55:20.000Z",
"pattern": "[url:value = 'https://bitbucket.]org/!api/2.0/snippets/choasknight/yXEXXn/2b8cdcdeaa63834b21dba9c15a50226a5629a888/files/darkhorsepart2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T10:55:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3937a026-6732-4b7d-abb2-85d29c590a1d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = '014d5412e803d0abe1bdf1f29d02e389603ad5c30e449920f6995748e9310542']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--780ae267-d937-4acd-a291-95777bc324b5",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = '19451a668953bd2a206283163714425ed75f822b8ac915f1e04b966671a1a23c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1fac7fd2-1168-4a1f-945c-f0ee32dfb502",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = '27b7e68d5d728b339dc5d8fbc6a9f4194da0ba1ffc471d58c3cabf2a2ebd426d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--48903724-1866-454b-889b-5ce503d0d571",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = '29a4107734ec549b59d5babd945ceb6c254375011165d34e70e86553c27581c8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--34a61b72-2558-4259-9cff-ca63f27078ed",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = '36f26fffbe92ea0a9fbd25908fd12af52f2dad967a1369c77ef97e76c1638ca3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--754e5066-1cf1-4043-9213-ebfe4047372c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = '414f56a4bbedb067cfa571d107103f705d742d10e2fe7163c97d6925e62ea853']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--87903ba3-0efc-468f-ac75-52898b7e8f73",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = '468f28807ef4d3e8cbd812d808b9573fb87ba83a037503c9c14f032ca08deb2e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--14a3d130-019a-44ec-8748-3a413daa0eea",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = '54f8342dec4a0b60e369292eee00cb6b8676ec48973a3a345a217febb0f3488e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--514c5895-c0be-4be5-afff-966e646e8a15",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = '5665e106ce98224e6f1d02a49c86e01778ed630ab53b55f5ed50126bd1666c06']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f3727a52-8a65-4981-88f6-e59a19859276",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = '639f108d6fa7469827be4396f086b95158ee28a7eec6867cedaf2d4007a3784b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f56444b5-bdf9-4797-b119-d498ca952a2b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = '6d492bbc2e972b9720bb9463733ed550236742341952e0d5a31c0f0220beffdd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--125c6d4e-f6d4-418f-906c-52d84f1e7716",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = '81698424c325e40c1cd537719a228cf99fcacd1b954e717f27c4ba32c5cd83fd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2a40d59f-db23-4321-9d8c-c42c975bfeb1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = '89d2bfac1aa9427857b229ec9f1acae69a865bb33a88f33e7264e82bd4463b35']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bf4b8df7-30ab-47b7-8ab1-7613904b16f1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = '8a17d0e4a4f310a8aeb27a2e30cfc463c2d5a2bfa2772b0a5d5700b4c1e1c3bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b5d5d93a-efe0-4b92-a598-f0469238c1d8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = '8ed21a5bfe917fcba312ed2b630deadba0a4d623f4bccf74dd80149b176d414e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6fa62a80-10d3-4231-8a91-93821b26d441",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = '9c3ecaecc2339b973eacaa4da07dae33964c75c7766f36c862c988491d4ecbb0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7194dc14-19a1-4e15-b6c4-e719d2173fe0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = '9f4a60a9f9c8ac29814bf0e94360ca1502973ad2530bb66f8c4e2b75977d7311']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--37e5410d-b856-407f-87f9-8af2b9d5e912",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = 'a3d8bc6d455eaeca2f0fbe462f6348c0f61242dc7bde1c48d27b33f1d8cf1d9d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2363aa94-f60a-42bf-bea3-a991125de5aa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = 'a98f6606e576078f0735d504dfd4c4276fd91d918117a29334ff41107c3d269e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--4921aa93-bf1f-482f-8c45-86493772fb90",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = 'acd370830c92939272a8503ef834d5892108133de131407d10c7435e1514208b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--e18c8e9e-a022-4d12-9fc1-a459bdcea74c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = 'bc1254a16b628102bb13c3501d2c52063f16c7857419455790863beec30f31e2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d80daa77-cafc-4a98-980e-32d6c4a49510",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = 'c4d3db664407cd7dde28b6490dc2cbaafad0b91740bf51b480b1f4c324834fd1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a0d545d3-2b52-4c76-a9b2-e8812eb70bfa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = 'd0d36b28f2d009efd9ebf8006d5a937bdf61e408166d7d811ed01bc4a6cc61ab']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--18612900-27a4-4e2c-b1a1-bdfa8550108e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = 'd3b83d76e76c22b2881a3e5b86afbfd020b631584ed0a40f67d5820a572bc5f2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--851bb9d1-2476-401a-a4f3-159d373eae4c",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = 'd4ee5546b462eb2cf6f88ca39fcc208904d02488782ab0285c06e1e35c1a754e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59291766-0fde-4d8b-bf2e-e6717da8de96",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = 'fe5811c318713cbdf188b2fae370dd8827715fd9e0e5a1ee367823343d0d5a0f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--38714092-3e5e-4cd1-9033-05f1a6bcd33b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = 'e2a2f3d6aae6a4ca060d5f761591f6edb9db80677bdd7bb9ba71f8c88b0dbf38']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--de80555f-cbfd-410f-86f1-f5079e658295",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = 'bb5bdc809fe22bdc88652c5ca93aba8c90798d55e62d7fc0cbc44740bf6bf1d6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7201dd76-373a-4ef3-ae32-ed5e2d9954b4",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = '17f3f34d7814338c40153073fed0ed0414ecb4f76ca9d3d337b8b09da85f2a57']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--60d47caf-e4a8-40c9-9bd2-1d95bcc979cf",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:35:51.000Z",
"modified": "2023-06-21T11:35:51.000Z",
"pattern": "[file:hashes.SHA256 = '94ac4b5dc33bd0374952731853642a4eca8bdb9be12b861297d7dd8f0e527c19']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c70724eb-b1a5-431c-92cb-63d501c114ed",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:37:06.000Z",
"modified": "2023-06-21T11:37:06.000Z",
"pattern": "[url:value = 'http://69.174.99.181/webpanel-calib/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:37:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--274428fa-9e17-4088-9180-80d7b0928cdb",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:37:06.000Z",
"modified": "2023-06-21T11:37:06.000Z",
"pattern": "[url:value = 'http://69.174.99.181/webpanel-charles/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:37:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--04eef561-3636-43cc-858c-3664aa62f0ba",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:37:06.000Z",
"modified": "2023-06-21T11:37:06.000Z",
"pattern": "[url:value = 'http://69.174.99.181/webpanel-dark/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:37:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--528e61dd-f4ed-4771-b6d5-1afac360565b",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:37:06.000Z",
"modified": "2023-06-21T11:37:06.000Z",
"pattern": "[url:value = 'http://69.174.99.181/webpanel-ghul/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:37:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d4ff3f40-de55-46f1-8c6b-c1ab576707c0",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:37:06.000Z",
"modified": "2023-06-21T11:37:06.000Z",
"pattern": "[url:value = 'http://69.174.99.181/webpanel-greg/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:37:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a885c8ec-1181-4c63-860d-51c900e368ea",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:37:06.000Z",
"modified": "2023-06-21T11:37:06.000Z",
"pattern": "[url:value = 'http://69.174.99.181/webpanel-long/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:37:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5f57c44c-f15e-4da3-b506-49a2b55ac7ed",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:37:06.000Z",
"modified": "2023-06-21T11:37:06.000Z",
"pattern": "[url:value = 'http://69.174.99.181/webpanel-mrk/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:37:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6c8187a6-aebf-4c7a-9dbb-5544994f6df9",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:37:06.000Z",
"modified": "2023-06-21T11:37:06.000Z",
"pattern": "[url:value = 'http://69.174.99.181/webpanel-muti/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:37:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9edae6cf-b14a-4342-b86c-0514f9801aa7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:37:06.000Z",
"modified": "2023-06-21T11:37:06.000Z",
"pattern": "[url:value = 'http://69.174.99.181/webpanel-reza/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:37:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--770e7b1a-7aa9-48a5-b59f-9da26a65fdaa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:37:06.000Z",
"modified": "2023-06-21T11:37:06.000Z",
"pattern": "[url:value = 'http://69.174.99.181/webpanel-roth/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:37:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--23c9db84-2c6e-4d2f-b276-b1a045f5611f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:37:06.000Z",
"modified": "2023-06-21T11:37:06.000Z",
"pattern": "[url:value = 'http://69.174.99.181/webpanel-trade/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:37:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dbd6f45e-3c19-455c-b011-865719bd32ce",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:37:06.000Z",
"modified": "2023-06-21T11:37:06.000Z",
"pattern": "[url:value = 'http://69.174.99.181/webpanel-van/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:37:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--92197b09-0f1a-4407-b999-52c680bf03aa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-21T11:37:06.000Z",
"modified": "2023-06-21T11:37:06.000Z",
"pattern": "[url:value = 'http://69.174.99.181/webpanel-zoe/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-21T11:37:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--af3be992-38a1-4658-83ef-815740dddd20",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-20T11:41:32.000Z",
"modified": "2023-06-20T11:41:32.000Z",
"labels": [
"misp:name=\"report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "link",
"value": "https://yoroi.company/research/serverless-infostealer-delivered-in-est-european-countries/",
"category": "External analysis",
"uuid": "8a3ad064-de1d-40aa-ab74-6ab83b3ba159"
},
{
"type": "text",
"object_relation": "summary",
"value": "Threat actors' consistency over time represents an indication of effectiveness and experience, resulting in an increasing risk for targeted companies. \r\n\r\nThe Yoroi Malware ZLAB is tracking the threat actor Aggah (TH-157) since 2019, along with PaloAlto UNIT42, HP and Juniper Networks, and the persistency of its malicious operation over time reveals a structured information stealing infrastructure, a worldwide campaign capable of quickly varying its distribution technique. \r\n\r\nWe discovered new data theft and reconnaissance operations targeting multiple victims worldwide, including Ukraine, Lithuania, and Italy. The whole campaign impacted hundreds of victims and lasted for two months. CERT Yoroi was able to track the malware distribution infrastructure which was abusing the Bitbucket code repository infrastructures to evade detection mechanism, URL and domain reputation security check. \r\n\r\nThe following article describes how TH-157 conducted this new wave of attacks along with all the indicators needed by security teams to hunt down active intrusions.",
"category": "Other",
"uuid": "3aa32c47-1ff2-4665-bcbb-352028f449c6"
},
{
"type": "text",
"object_relation": "type",
"value": "Report",
"category": "Other",
"uuid": "d8c7ec8b-0c83-4a9d-ab32-06ff30b2302d"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1bf76bf3-2ac7-432d-8632-da0a3f879e2e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-20T11:42:48.000Z",
"modified": "2023-06-20T11:42:48.000Z",
"description": "Aggah Campaign November 2021 - Malicious PPA macro dropper \t",
"pattern": "[file:hashes.SHA256 = '17f3f34d7814338c40153073fed0ed0414ecb4f76ca9d3d337b8b09da85f2a57' AND file:hashes.SSDEEP = '384:IKyo59LwWOIZlIjlaRKPPYglCLMvu61aUr/clFo39D:J59UWOI3mbkLhHmcjo']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-20T11:42:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9b0fd0fa-4b8f-4b68-8297-6060e5956dad",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2023-06-20T11:47:22.000Z",
"modified": "2023-06-20T11:47:22.000Z",
"pattern": "[file:name = 'xxx1.txt' AND file:x_misp_fullpath = '\\\\%PUBLIC\\\\%\\\\xxx1.txt']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2023-06-20T11:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}