11557 lines
470 KiB
JSON
11557 lines
470 KiB
JSON
|
{
|
||
|
"type": "bundle",
|
||
|
"id": "bundle--55d341da-f5d4-47a4-9095-467a950d210b",
|
||
|
"objects": [
|
||
|
{
|
||
|
"type": "identity",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:50.000Z",
|
||
|
"modified": "2015-08-25T11:52:50.000Z",
|
||
|
"name": "CthulhuSPRL.be",
|
||
|
"identity_class": "organization"
|
||
|
},
|
||
|
{
|
||
|
"type": "report",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "report--55d341da-f5d4-47a4-9095-467a950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:50.000Z",
|
||
|
"modified": "2015-08-25T11:52:50.000Z",
|
||
|
"name": "OSINT Pony Up: Tracing Pony\u00e2\u20ac\u2122s Threat Cycle and Multi-Stage Infection Chain by Damballa",
|
||
|
"published": "2015-08-25T11:54:56Z",
|
||
|
"object_refs": [
|
||
|
"observed-data--55d341ee-1940-4dc3-8e40-04ed950d210b",
|
||
|
"url--55d341ee-1940-4dc3-8e40-04ed950d210b",
|
||
|
"observed-data--55d34201-b8fc-405a-ad02-025f950d210b",
|
||
|
"url--55d34201-b8fc-405a-ad02-025f950d210b",
|
||
|
"observed-data--55d34201-2c68-426a-a276-025f950d210b",
|
||
|
"url--55d34201-2c68-426a-a276-025f950d210b",
|
||
|
"indicator--55d3421c-4144-4495-8a98-04ca950d210b",
|
||
|
"indicator--55d3421c-0c24-48b2-af63-04ca950d210b",
|
||
|
"indicator--55d3421c-a594-49d7-bdbc-04ca950d210b",
|
||
|
"indicator--55d3421c-e300-44d9-bcbc-04ca950d210b",
|
||
|
"indicator--55d3421c-0a68-432f-ae7c-04ca950d210b",
|
||
|
"indicator--55d3421d-d4f4-4d2e-8c44-04ca950d210b",
|
||
|
"indicator--55d3421d-c0e8-4b0b-b41e-04ca950d210b",
|
||
|
"indicator--55d3421d-ea98-448a-bc62-04ca950d210b",
|
||
|
"indicator--55d3421d-1940-4b2d-9974-04ca950d210b",
|
||
|
"indicator--55d3421d-e430-44fc-861f-04ca950d210b",
|
||
|
"indicator--55d3421e-8494-4b26-914e-04ca950d210b",
|
||
|
"indicator--55d3421e-dbd4-42f0-bb54-04ca950d210b",
|
||
|
"indicator--55d3421e-97b8-4579-a32a-04ca950d210b",
|
||
|
"indicator--55d3421e-f004-43e0-b6f7-04ca950d210b",
|
||
|
"indicator--55d3421e-f600-4b48-a815-04ca950d210b",
|
||
|
"indicator--55d3421f-8684-4f32-900b-04ca950d210b",
|
||
|
"indicator--55d3421f-4044-4270-8164-04ca950d210b",
|
||
|
"indicator--55d3421f-19a8-4050-82e2-04ca950d210b",
|
||
|
"indicator--55d3421f-235c-49a8-9f7b-04ca950d210b",
|
||
|
"indicator--55d3421f-fbdc-416c-9c21-04ca950d210b",
|
||
|
"indicator--55d3421f-db08-455d-bdac-04ca950d210b",
|
||
|
"indicator--55d34220-2054-4c3a-aec6-04ca950d210b",
|
||
|
"indicator--55d34220-dd58-4116-add3-04ca950d210b",
|
||
|
"indicator--55d34220-d50c-46a2-b001-04ca950d210b",
|
||
|
"indicator--55d34220-0a88-4457-a86d-04ca950d210b",
|
||
|
"indicator--55d34220-5e58-403f-8daa-04ca950d210b",
|
||
|
"indicator--55d34221-db8c-4092-b89b-04ca950d210b",
|
||
|
"indicator--55d34221-50e8-4af1-aafa-04ca950d210b",
|
||
|
"indicator--55d34221-de6c-4163-bdba-04ca950d210b",
|
||
|
"indicator--55d34221-f9d0-4b57-af26-04ca950d210b",
|
||
|
"indicator--55d34221-683c-4106-8585-04ca950d210b",
|
||
|
"indicator--55d34222-9928-4a34-a1be-04ca950d210b",
|
||
|
"indicator--55d34222-1964-4b18-97f0-04ca950d210b",
|
||
|
"indicator--55d34222-8014-4417-9964-04ca950d210b",
|
||
|
"indicator--55d34222-0d28-4223-9a31-04ca950d210b",
|
||
|
"indicator--55d34222-12c0-4452-9ce3-04ca950d210b",
|
||
|
"indicator--55d34223-4000-46a5-ac5f-04ca950d210b",
|
||
|
"indicator--55d34223-4bcc-41ae-a9dc-04ca950d210b",
|
||
|
"indicator--55d34223-f6ec-48e3-97ed-04ca950d210b",
|
||
|
"indicator--55d34223-fc0c-4e5b-b776-04ca950d210b",
|
||
|
"indicator--55d34231-e0cc-4698-865c-025f950d210b",
|
||
|
"indicator--55d34231-19cc-44d1-ba2c-025f950d210b",
|
||
|
"indicator--55d34232-900c-46b9-be6a-025f950d210b",
|
||
|
"indicator--55d34232-2844-409d-b91c-025f950d210b",
|
||
|
"indicator--55d34232-5de0-464a-a08d-025f950d210b",
|
||
|
"indicator--55d34232-4f60-49af-9240-025f950d210b",
|
||
|
"indicator--55d34232-763c-4455-9766-025f950d210b",
|
||
|
"indicator--55d34233-35b4-4ae8-a508-025f950d210b",
|
||
|
"indicator--55d34233-37a8-4f4a-9a49-025f950d210b",
|
||
|
"indicator--55d34233-6640-4fbd-9055-025f950d210b",
|
||
|
"indicator--55d34233-be60-4376-b327-025f950d210b",
|
||
|
"indicator--55d34233-4ca8-47bf-8b88-025f950d210b",
|
||
|
"indicator--55d34234-f5e4-415e-92c7-025f950d210b",
|
||
|
"indicator--55d34234-2714-478d-b025-025f950d210b",
|
||
|
"indicator--55d34234-f1ac-4c3b-8bcb-025f950d210b",
|
||
|
"indicator--55d34234-900c-4459-811a-025f950d210b",
|
||
|
"indicator--55d34234-8ba8-4240-8996-025f950d210b",
|
||
|
"indicator--55d34235-53c4-470b-bbad-025f950d210b",
|
||
|
"indicator--55d34235-bbec-40f4-8901-025f950d210b",
|
||
|
"indicator--55d34235-7a40-4daf-beab-025f950d210b",
|
||
|
"indicator--55d34235-0bf0-4db3-a0e5-025f950d210b",
|
||
|
"indicator--55d34235-0a2c-4f00-a380-025f950d210b",
|
||
|
"indicator--55d34236-f59c-4e5c-b38c-025f950d210b",
|
||
|
"indicator--55d34236-922c-4f7f-914a-025f950d210b",
|
||
|
"indicator--55d34236-06d0-4e98-947e-025f950d210b",
|
||
|
"indicator--55d34236-2808-49dd-8b66-025f950d210b",
|
||
|
"indicator--55d34236-e2a8-4ab3-a3c1-025f950d210b",
|
||
|
"indicator--55d34237-ebf0-45b3-b5b0-025f950d210b",
|
||
|
"indicator--55d34237-61ec-48ba-bfd9-025f950d210b",
|
||
|
"indicator--55d34237-a36c-4fe0-9d9a-025f950d210b",
|
||
|
"indicator--55d34237-fd88-4876-8ca0-025f950d210b",
|
||
|
"indicator--55d34237-3e8c-48fd-b64d-025f950d210b",
|
||
|
"indicator--55d34238-18a0-4ab7-b787-025f950d210b",
|
||
|
"indicator--55d34238-a9ac-494e-be08-025f950d210b",
|
||
|
"indicator--55d34238-2a54-4a9a-8f7b-025f950d210b",
|
||
|
"indicator--55d34238-7fe8-499c-9ada-025f950d210b",
|
||
|
"indicator--55d34238-6fbc-4a89-9331-025f950d210b",
|
||
|
"indicator--55d34238-ff28-408a-9333-025f950d210b",
|
||
|
"indicator--55d34239-b79c-4af0-8368-025f950d210b",
|
||
|
"indicator--55d34239-237c-4d58-a07c-025f950d210b",
|
||
|
"indicator--55d34239-e750-4358-b615-025f950d210b",
|
||
|
"indicator--55d34239-f390-4787-9f88-025f950d210b",
|
||
|
"indicator--55d34239-f064-4777-b8f9-025f950d210b",
|
||
|
"indicator--55d3423a-5fa4-49b6-946c-025f950d210b",
|
||
|
"indicator--55d3423a-9af8-4153-83dc-025f950d210b",
|
||
|
"indicator--55d3423a-6898-4a08-809b-025f950d210b",
|
||
|
"indicator--55d3423a-7050-47ab-a102-025f950d210b",
|
||
|
"indicator--55d3423a-ecbc-470a-b91d-025f950d210b",
|
||
|
"indicator--55d3423b-9b68-4930-a1eb-025f950d210b",
|
||
|
"indicator--55d3423b-0828-4efb-b4dc-025f950d210b",
|
||
|
"indicator--55d3423b-0838-478a-893d-025f950d210b",
|
||
|
"indicator--55d3423b-fd90-4384-8409-025f950d210b",
|
||
|
"indicator--55d3423b-3cf0-4b8f-986b-025f950d210b",
|
||
|
"indicator--55d3423c-c660-4de5-a0cb-025f950d210b",
|
||
|
"indicator--55d3423c-5b50-4f6f-b594-025f950d210b",
|
||
|
"indicator--55d3423c-b5f8-4668-a248-025f950d210b",
|
||
|
"indicator--55d3423c-e2f4-4ac1-9ee7-025f950d210b",
|
||
|
"indicator--55d3423c-a64c-4a95-810a-025f950d210b",
|
||
|
"indicator--55d3423d-946c-4960-9606-025f950d210b",
|
||
|
"indicator--55d3423d-bcf0-46f2-9072-025f950d210b",
|
||
|
"indicator--55d3423d-a0bc-425b-a07b-025f950d210b",
|
||
|
"indicator--55d3423d-da94-4e54-8adf-025f950d210b",
|
||
|
"indicator--55d3423d-f84c-41ba-ac89-025f950d210b",
|
||
|
"indicator--55d3423e-684c-4955-b532-025f950d210b",
|
||
|
"indicator--55d3423e-9798-402f-ae5b-025f950d210b",
|
||
|
"indicator--55d3423e-f2fc-4cc9-9d90-025f950d210b",
|
||
|
"indicator--55d3423e-71dc-4cd7-a211-025f950d210b",
|
||
|
"indicator--55d3423e-df38-494b-9c07-025f950d210b",
|
||
|
"indicator--55d3423f-3d80-43d1-9215-025f950d210b",
|
||
|
"indicator--55d3423f-7994-4749-b1a0-025f950d210b",
|
||
|
"indicator--55d3423f-8768-4bfe-a07d-025f950d210b",
|
||
|
"indicator--55d3423f-fa34-4516-9823-025f950d210b",
|
||
|
"indicator--55d3423f-b728-4747-8187-025f950d210b",
|
||
|
"indicator--55d34240-0270-4817-904e-025f950d210b",
|
||
|
"indicator--55d34240-9f48-4787-bc70-025f950d210b",
|
||
|
"indicator--55d34240-98e0-4130-8177-025f950d210b",
|
||
|
"indicator--55d34240-c570-4d15-b3be-025f950d210b",
|
||
|
"indicator--55d34240-50fc-46d4-b3fa-025f950d210b",
|
||
|
"indicator--55d34240-e404-4f4e-8c72-025f950d210b",
|
||
|
"indicator--55d34241-7b38-4694-b3ff-025f950d210b",
|
||
|
"indicator--55d34241-c858-487d-b8b8-025f950d210b",
|
||
|
"indicator--55d34241-7a90-4a5f-93c4-025f950d210b",
|
||
|
"indicator--55d34241-a760-4eff-b7be-025f950d210b",
|
||
|
"indicator--55d34241-3278-4c20-952c-025f950d210b",
|
||
|
"indicator--55d34242-c598-4e00-97b0-025f950d210b",
|
||
|
"indicator--55d34242-7300-4324-934a-025f950d210b",
|
||
|
"indicator--55d34242-b810-4c04-8a35-025f950d210b",
|
||
|
"indicator--55d3425b-0ba8-4ee6-9dc0-2258950d210b",
|
||
|
"indicator--55d3425c-d5b4-471a-b8cc-2258950d210b",
|
||
|
"indicator--55d3425c-e2a8-441b-af86-2258950d210b",
|
||
|
"indicator--55d3425c-b6d4-42e0-b586-2258950d210b",
|
||
|
"indicator--55d3425c-bf18-4ad5-9eed-2258950d210b",
|
||
|
"indicator--55d3425c-bcbc-4ce2-80f8-2258950d210b",
|
||
|
"indicator--55d3425d-1a70-436e-924b-2258950d210b",
|
||
|
"indicator--55d3425d-49f0-4273-9a23-2258950d210b",
|
||
|
"indicator--55d3425d-d2f8-43f4-a97f-2258950d210b",
|
||
|
"indicator--55d3425d-bed0-4e64-8a74-2258950d210b",
|
||
|
"indicator--55d3425d-e638-47f9-8bb9-2258950d210b",
|
||
|
"indicator--55d3425e-ff74-4804-acdc-2258950d210b",
|
||
|
"indicator--55d3425e-3098-4eb9-9466-2258950d210b",
|
||
|
"indicator--55d3425e-d8e8-450c-a101-2258950d210b",
|
||
|
"indicator--55d3425e-c9c8-4db5-83a9-2258950d210b",
|
||
|
"indicator--55d3425e-b538-4b2b-8354-2258950d210b",
|
||
|
"indicator--55d3425f-75f0-40cc-8f46-2258950d210b",
|
||
|
"indicator--55d3425f-0004-434d-a0dd-2258950d210b",
|
||
|
"indicator--55d3425f-4ed0-4e42-b5fb-2258950d210b",
|
||
|
"indicator--55d3425f-90d0-453a-9a8a-2258950d210b",
|
||
|
"indicator--55d3425f-af5c-473c-bfdd-2258950d210b",
|
||
|
"indicator--55d34260-d1b4-4006-b22b-2258950d210b",
|
||
|
"indicator--55d34260-5360-4273-8005-2258950d210b",
|
||
|
"indicator--55d34260-6ca0-46d4-b2aa-2258950d210b",
|
||
|
"indicator--55d34260-9ef4-4170-972c-2258950d210b",
|
||
|
"indicator--55d34260-5af0-4a3e-861d-2258950d210b",
|
||
|
"indicator--55d34261-0c74-4ecc-8f49-2258950d210b",
|
||
|
"indicator--55d34261-c530-48b8-a1e6-2258950d210b",
|
||
|
"indicator--55d34261-4464-4029-a837-2258950d210b",
|
||
|
"indicator--55d34261-6ed0-4a0d-a38d-2258950d210b",
|
||
|
"indicator--55d34261-13ec-45ce-9f5d-2258950d210b",
|
||
|
"indicator--55d34262-5de4-4b84-b1ff-2258950d210b",
|
||
|
"indicator--55d34262-ae40-4fc2-9c51-2258950d210b",
|
||
|
"indicator--55d34262-520c-4b33-bd6c-2258950d210b",
|
||
|
"indicator--55d34262-0344-40ba-9390-2258950d210b",
|
||
|
"indicator--55d34262-59c4-4ecd-9180-2258950d210b",
|
||
|
"indicator--55d34263-2f24-4ab8-abe6-2258950d210b",
|
||
|
"indicator--55d34263-4c44-4898-bead-2258950d210b",
|
||
|
"indicator--55d34263-d428-4099-873f-2258950d210b",
|
||
|
"indicator--55d34263-aa78-490f-8a08-2258950d210b",
|
||
|
"indicator--55d34263-7c3c-4910-a44a-2258950d210b",
|
||
|
"indicator--55d34264-ab04-44f9-a05b-2258950d210b",
|
||
|
"indicator--55d34264-5c40-4053-bfd7-2258950d210b",
|
||
|
"indicator--55d34264-c294-4092-97d3-2258950d210b",
|
||
|
"indicator--55d34264-a614-4f62-908e-2258950d210b",
|
||
|
"indicator--55d34264-ca68-47e6-9ab3-2258950d210b",
|
||
|
"indicator--55d34265-61ac-404c-a558-2258950d210b",
|
||
|
"indicator--55d34265-6b84-47a3-8951-2258950d210b",
|
||
|
"indicator--55d34265-37f0-4364-95cb-2258950d210b",
|
||
|
"indicator--55d34265-3c24-460c-bf14-2258950d210b",
|
||
|
"indicator--55d34265-15d4-4418-82c1-2258950d210b",
|
||
|
"indicator--55d34266-816c-4ee7-928a-2258950d210b",
|
||
|
"indicator--55d34266-0388-4482-a6af-2258950d210b",
|
||
|
"indicator--55d34266-49e4-4971-a756-2258950d210b",
|
||
|
"indicator--55d34266-7898-4560-8b30-2258950d210b",
|
||
|
"indicator--55d34266-c6ec-4f7f-b55a-2258950d210b",
|
||
|
"indicator--55d34267-7e0c-415f-88d5-2258950d210b",
|
||
|
"indicator--55d34267-31f4-463d-9964-2258950d210b",
|
||
|
"indicator--55d34267-b08c-4ccc-bd82-2258950d210b",
|
||
|
"indicator--55d34267-c628-4996-a88c-2258950d210b",
|
||
|
"indicator--55d34267-c598-4eb7-9baa-2258950d210b",
|
||
|
"indicator--55d34268-35fc-4552-918f-2258950d210b",
|
||
|
"indicator--55d34268-d0b0-4b63-9700-2258950d210b",
|
||
|
"indicator--55d34268-807c-4e37-b4aa-2258950d210b",
|
||
|
"indicator--55d34268-4ab0-457d-a63b-2258950d210b",
|
||
|
"indicator--55d34268-6198-4573-8069-2258950d210b",
|
||
|
"indicator--55d34268-5f28-4ae3-8bc0-2258950d210b",
|
||
|
"indicator--55d34269-f7f8-4f02-8227-2258950d210b",
|
||
|
"indicator--55d34269-5114-4fcf-8a5e-2258950d210b",
|
||
|
"indicator--55d34269-c808-40f3-bbc9-2258950d210b",
|
||
|
"indicator--55d34269-1b34-407e-add1-2258950d210b",
|
||
|
"indicator--55d34269-db08-4832-af12-2258950d210b",
|
||
|
"indicator--55d3426a-08d0-409c-8252-2258950d210b",
|
||
|
"indicator--55d3426a-6110-4c43-a072-2258950d210b",
|
||
|
"indicator--55d3426a-5aa8-485c-997d-2258950d210b",
|
||
|
"indicator--55d3426a-2654-40f6-83bd-2258950d210b",
|
||
|
"indicator--55d3426a-9c28-4828-8d45-2258950d210b",
|
||
|
"indicator--55d3426b-3ff0-4213-be29-2258950d210b",
|
||
|
"indicator--55d3426b-70f8-4e8b-b13a-2258950d210b",
|
||
|
"indicator--55d3426b-16ac-492d-af5d-2258950d210b",
|
||
|
"indicator--55d3426b-2cb4-459b-ab64-2258950d210b",
|
||
|
"indicator--55d3426c-cf3c-4dca-aeac-2258950d210b",
|
||
|
"indicator--55d3426c-63a0-4c04-a0c1-2258950d210b",
|
||
|
"indicator--55d3426c-659c-48ca-932c-2258950d210b",
|
||
|
"indicator--55d3426c-2cd4-4ae8-9e57-2258950d210b",
|
||
|
"indicator--55d3426c-84b4-42df-a02a-2258950d210b",
|
||
|
"indicator--55d3426c-65f8-4672-aa3a-2258950d210b",
|
||
|
"indicator--55d3426d-c668-4e01-8867-2258950d210b",
|
||
|
"indicator--55d3426d-0d18-4440-8756-2258950d210b",
|
||
|
"indicator--55d3426d-88cc-45fc-adcd-2258950d210b",
|
||
|
"indicator--55d3426d-7410-4219-bb4d-2258950d210b",
|
||
|
"indicator--55d3426d-6d4c-458b-8b0a-2258950d210b",
|
||
|
"indicator--55d3426e-a01c-4692-bc15-2258950d210b",
|
||
|
"indicator--55d3426e-dbc4-4588-afce-2258950d210b",
|
||
|
"indicator--55d3426e-ef10-46c1-aa8c-2258950d210b",
|
||
|
"indicator--55d3426e-be40-40cf-af8d-2258950d210b",
|
||
|
"indicator--55d3426e-e93c-4b87-8589-2258950d210b",
|
||
|
"indicator--55d3426f-52c0-473e-a8bf-2258950d210b",
|
||
|
"indicator--55d3426f-a9ac-4b0c-b6e4-2258950d210b",
|
||
|
"indicator--55d3426f-c08c-402e-b9e9-2258950d210b",
|
||
|
"indicator--55d3426f-7d30-4858-9bb5-2258950d210b",
|
||
|
"indicator--55d3426f-a0e8-43f3-9ba1-2258950d210b",
|
||
|
"indicator--55d34270-34a4-4cb6-8093-2258950d210b",
|
||
|
"indicator--55d34270-7c54-4d04-b9fb-2258950d210b",
|
||
|
"indicator--55d34270-dcf0-4a91-ace4-2258950d210b",
|
||
|
"indicator--55d34270-8c0c-46a7-ba43-2258950d210b",
|
||
|
"indicator--55d34270-65b0-43c3-bf5e-2258950d210b",
|
||
|
"indicator--55d34271-d2b8-454c-9ba4-2258950d210b",
|
||
|
"indicator--55d34271-af0c-43d2-9d31-2258950d210b",
|
||
|
"indicator--55d34271-6d6c-4c68-8c00-2258950d210b",
|
||
|
"indicator--55d34271-3754-4909-9ab3-2258950d210b",
|
||
|
"indicator--55d34271-e008-44df-9520-2258950d210b",
|
||
|
"indicator--55d34272-2fac-4239-bbff-2258950d210b",
|
||
|
"indicator--55d34272-5e38-460a-94a1-2258950d210b",
|
||
|
"indicator--55d34272-5c90-4a40-86a1-2258950d210b",
|
||
|
"indicator--55d34272-0a8c-4c72-9ae5-2258950d210b",
|
||
|
"indicator--55d34272-cbf0-4415-8225-2258950d210b",
|
||
|
"indicator--55d34272-1608-494f-ab7e-2258950d210b",
|
||
|
"indicator--55d34273-bb8c-4053-8921-2258950d210b",
|
||
|
"indicator--55d34273-7eec-494e-9457-2258950d210b",
|
||
|
"indicator--55d34273-1e68-427b-9603-2258950d210b",
|
||
|
"indicator--55d34273-24b8-4b63-aa5c-2258950d210b",
|
||
|
"indicator--55d34273-a58c-403b-b615-2258950d210b",
|
||
|
"indicator--55d34274-675c-4d32-a7da-2258950d210b",
|
||
|
"indicator--55d34274-682c-4825-a604-2258950d210b",
|
||
|
"indicator--55d34274-6e08-4863-8854-2258950d210b",
|
||
|
"indicator--55d34274-52cc-435b-89f3-2258950d210b",
|
||
|
"indicator--55d34274-4c34-4504-bb88-2258950d210b",
|
||
|
"indicator--55d34275-657c-42d7-8837-2258950d210b",
|
||
|
"indicator--55d34275-713c-452c-a4c3-2258950d210b",
|
||
|
"indicator--55d34275-bf94-49b3-9f88-2258950d210b",
|
||
|
"indicator--55d34275-50fc-42a7-b1e0-2258950d210b",
|
||
|
"indicator--55d34275-acf4-448f-a90a-2258950d210b",
|
||
|
"indicator--55d34276-48f0-437a-995e-2258950d210b",
|
||
|
"indicator--55d34276-c608-4e55-a60e-2258950d210b",
|
||
|
"indicator--55d34276-101c-4e56-ae5f-2258950d210b",
|
||
|
"indicator--55d34276-a210-4d31-9158-2258950d210b",
|
||
|
"indicator--55d34276-1854-4432-8341-2258950d210b",
|
||
|
"indicator--55d34277-14b0-47b4-ba2a-2258950d210b",
|
||
|
"indicator--55d34277-5b40-4ce3-85f9-2258950d210b",
|
||
|
"indicator--55d34277-3e94-48c5-98b0-2258950d210b",
|
||
|
"indicator--55d34277-0be4-4343-9f4a-2258950d210b",
|
||
|
"indicator--55d34277-6828-46bc-89be-2258950d210b",
|
||
|
"indicator--55d34278-9a2c-48ab-bb6a-2258950d210b",
|
||
|
"indicator--55d34278-cb84-4794-afa8-2258950d210b",
|
||
|
"indicator--55d34278-e594-4ce1-8478-2258950d210b",
|
||
|
"indicator--55d34278-ed74-438d-8f44-2258950d210b",
|
||
|
"indicator--55d34278-7994-404b-8cf4-2258950d210b",
|
||
|
"indicator--55d34279-8dc4-43e7-99e2-2258950d210b",
|
||
|
"indicator--55d34279-31f4-4404-a79a-2258950d210b",
|
||
|
"indicator--55d34279-a640-4f3c-b646-2258950d210b",
|
||
|
"indicator--55d34279-7d90-4b27-bf2b-2258950d210b",
|
||
|
"indicator--55d34279-12d8-4793-a368-2258950d210b",
|
||
|
"indicator--55d34279-082c-4b7d-bc05-2258950d210b",
|
||
|
"indicator--55d3427a-d724-48bc-9b5b-2258950d210b",
|
||
|
"indicator--55d3427a-b9d8-485e-9e41-2258950d210b",
|
||
|
"indicator--55d3427a-f548-4ee4-ad9c-2258950d210b",
|
||
|
"indicator--55d3427a-9704-46ef-80e9-2258950d210b",
|
||
|
"indicator--55d3427a-e890-4075-ab13-2258950d210b",
|
||
|
"indicator--55d3427b-2588-4625-93f2-2258950d210b",
|
||
|
"indicator--55d3427b-454c-4d76-bfc4-2258950d210b",
|
||
|
"indicator--55d3427b-05bc-4945-ba02-2258950d210b",
|
||
|
"indicator--55d3427b-ca24-4e2e-b701-2258950d210b",
|
||
|
"indicator--55d3427b-9e90-45e8-a6c9-2258950d210b",
|
||
|
"indicator--55d3427c-42f4-44e7-ab2c-2258950d210b",
|
||
|
"indicator--55d3427c-f82c-4080-a6e2-2258950d210b",
|
||
|
"indicator--55d3427c-b100-4a86-8fa5-2258950d210b",
|
||
|
"indicator--55d3427c-eef8-4848-8370-2258950d210b",
|
||
|
"indicator--55d3427c-9194-40f2-88d2-2258950d210b",
|
||
|
"indicator--55d3427d-706c-456f-843d-2258950d210b",
|
||
|
"indicator--55d3427d-98f8-455f-8f78-2258950d210b",
|
||
|
"indicator--55d3427d-d6bc-4d92-92e4-2258950d210b",
|
||
|
"indicator--55d3427d-414c-486c-8592-2258950d210b",
|
||
|
"indicator--55d3427d-5a40-4cac-af1e-2258950d210b",
|
||
|
"indicator--55d3427e-c5ac-4b80-8c16-2258950d210b",
|
||
|
"indicator--55d3427e-5710-46ea-9db7-2258950d210b",
|
||
|
"indicator--55d3427e-03c4-41e0-b956-2258950d210b",
|
||
|
"indicator--55d3427e-c518-4e70-bf09-2258950d210b",
|
||
|
"indicator--55d3427e-fb9c-49c4-a57f-2258950d210b",
|
||
|
"indicator--55d3427f-4c14-4b65-9591-2258950d210b",
|
||
|
"indicator--55d3427f-2240-4aa7-a51f-2258950d210b",
|
||
|
"indicator--55d3427f-5e88-41d5-a77d-2258950d210b",
|
||
|
"indicator--55d3427f-e75c-4218-b126-2258950d210b",
|
||
|
"indicator--55dc4c4c-c6d8-48e1-b756-c974950d210b",
|
||
|
"indicator--55dc4c4c-7484-4830-9c52-c974950d210b",
|
||
|
"indicator--55dc4c4c-a53c-44a6-98bd-c974950d210b",
|
||
|
"indicator--55dc4c4c-4b5c-40df-9ab3-c974950d210b",
|
||
|
"indicator--55dc4c4c-a3b8-476e-88c1-c974950d210b",
|
||
|
"indicator--55dc4c4d-22ac-4071-b622-c974950d210b",
|
||
|
"indicator--55dc4c4d-4678-48fb-96f1-c974950d210b",
|
||
|
"indicator--55dc4c4d-8bf8-484a-9a3b-c974950d210b",
|
||
|
"indicator--55dc4c4d-7120-4a1e-9d73-c974950d210b",
|
||
|
"indicator--55dc4c4e-3dfc-46c4-9e15-c974950d210b",
|
||
|
"indicator--55dc4c4e-f128-4c48-bf57-c974950d210b",
|
||
|
"indicator--55dc4c4e-2264-4e0c-99d4-c974950d210b",
|
||
|
"indicator--55dc4c4e-2280-410b-ad38-c974950d210b",
|
||
|
"indicator--55dc4c4e-1e90-4e39-a841-c974950d210b",
|
||
|
"indicator--55dc4c4f-2ca4-4fa0-ad63-c974950d210b",
|
||
|
"vulnerability--55dc4c4f-5a2c-48d4-a736-c974950d210b",
|
||
|
"vulnerability--55dc4c4f-863c-4ab7-b80c-c974950d210b",
|
||
|
"indicator--55dc4c4f-4df0-41ae-838d-c974950d210b",
|
||
|
"indicator--55dc4c4f-a8cc-49fb-9be3-c974950d210b",
|
||
|
"indicator--55dc4c4f-5ad8-4b9e-91c8-c974950d210b",
|
||
|
"indicator--55dc4c50-69b4-4d12-99a0-c974950d210b",
|
||
|
"indicator--55dc4c50-7898-4ca2-bf0d-c974950d210b",
|
||
|
"indicator--55dc4c50-f560-43e5-af4e-c974950d210b",
|
||
|
"indicator--55dc4c50-fa1c-4f5a-9a5b-c974950d210b",
|
||
|
"indicator--55dc4c50-402c-4f93-acc4-c974950d210b",
|
||
|
"indicator--55dc4c51-0538-46f6-a9d1-c974950d210b",
|
||
|
"indicator--55dc4c51-e52c-4740-80cc-c974950d210b",
|
||
|
"indicator--55dc4c51-7db0-45bd-b141-c974950d210b",
|
||
|
"indicator--55dc4c51-55ec-4bc4-8182-c974950d210b",
|
||
|
"indicator--55dc4c52-bb18-4a0c-8748-c974950d210b",
|
||
|
"indicator--55dc4c52-4a24-4824-91b0-c974950d210b",
|
||
|
"indicator--55dc4c52-59a8-43d3-9283-c974950d210b",
|
||
|
"indicator--55dc4c52-89a4-4d53-a30a-c974950d210b",
|
||
|
"indicator--55dc4c52-9c4c-49d0-a867-c974950d210b",
|
||
|
"indicator--55dc4c53-f2a8-4b6f-b770-c974950d210b",
|
||
|
"indicator--55dc4c53-e96c-4243-9983-c974950d210b",
|
||
|
"indicator--55dc4c53-c1d8-4ec1-9c57-c974950d210b",
|
||
|
"indicator--55dc4c53-3214-421b-9771-c974950d210b",
|
||
|
"indicator--55dc4c54-f574-4142-8474-c974950d210b",
|
||
|
"indicator--55dc4c54-9ce4-455b-b4b1-c974950d210b",
|
||
|
"observed-data--55dc4c71-9188-4517-97cb-bbd8950d210b",
|
||
|
"url--55dc4c71-9188-4517-97cb-bbd8950d210b",
|
||
|
"indicator--55dc5712-486c-4e02-821b-d963950d210b",
|
||
|
"indicator--55dc5712-4dc4-4928-a13c-d963950d210b",
|
||
|
"observed-data--55dc5712-dc50-4e05-b9c1-d963950d210b",
|
||
|
"url--55dc5712-dc50-4e05-b9c1-d963950d210b",
|
||
|
"indicator--55dc5713-5ad0-4f6d-bc48-d963950d210b",
|
||
|
"indicator--55dc5713-fc64-476a-aa1f-d963950d210b",
|
||
|
"observed-data--55dc5713-96fc-49ec-aa38-d963950d210b",
|
||
|
"url--55dc5713-96fc-49ec-aa38-d963950d210b",
|
||
|
"indicator--55dc5713-a878-41c2-b9de-d963950d210b",
|
||
|
"indicator--55dc5713-2dd8-478c-8e81-d963950d210b",
|
||
|
"observed-data--55dc5714-6b08-457e-9bc2-d963950d210b",
|
||
|
"url--55dc5714-6b08-457e-9bc2-d963950d210b",
|
||
|
"indicator--55dc5714-3aa4-4bdc-a6cb-d963950d210b",
|
||
|
"indicator--55dc5714-da00-445b-8dd4-d963950d210b",
|
||
|
"observed-data--55dc5714-8e2c-45be-8e98-d963950d210b",
|
||
|
"url--55dc5714-8e2c-45be-8e98-d963950d210b",
|
||
|
"indicator--55dc5715-e920-4c7a-babf-d963950d210b",
|
||
|
"indicator--55dc5715-63dc-436e-86ba-d963950d210b",
|
||
|
"observed-data--55dc5715-10dc-4b56-9bd7-d963950d210b",
|
||
|
"url--55dc5715-10dc-4b56-9bd7-d963950d210b",
|
||
|
"indicator--55dc5715-4b44-430c-b36c-d963950d210b",
|
||
|
"indicator--55dc5715-00c4-4935-a1ca-d963950d210b",
|
||
|
"observed-data--55dc5716-1914-4033-8c65-d963950d210b",
|
||
|
"url--55dc5716-1914-4033-8c65-d963950d210b",
|
||
|
"indicator--55dc5716-0334-4e98-8f76-d963950d210b",
|
||
|
"indicator--55dc5716-0a58-4240-a835-d963950d210b",
|
||
|
"observed-data--55dc5716-dca8-4f81-9711-d963950d210b",
|
||
|
"url--55dc5716-dca8-4f81-9711-d963950d210b",
|
||
|
"indicator--55dc5716-e378-4d1a-989c-d963950d210b",
|
||
|
"indicator--55dc5717-890c-41f9-986d-d963950d210b",
|
||
|
"observed-data--55dc5717-dd98-441f-bcbd-d963950d210b",
|
||
|
"url--55dc5717-dd98-441f-bcbd-d963950d210b",
|
||
|
"indicator--55dc5717-f008-4845-ac20-d963950d210b",
|
||
|
"indicator--55dc5717-fef0-4f9b-8a5c-d963950d210b",
|
||
|
"observed-data--55dc5718-6464-488b-8fb3-d963950d210b",
|
||
|
"url--55dc5718-6464-488b-8fb3-d963950d210b",
|
||
|
"indicator--55dc5718-be48-487d-b6d1-d963950d210b",
|
||
|
"indicator--55dc5718-56b8-44a9-8781-d963950d210b",
|
||
|
"observed-data--55dc5718-9f44-440f-820a-d963950d210b",
|
||
|
"url--55dc5718-9f44-440f-820a-d963950d210b",
|
||
|
"indicator--55dc5718-4e14-42a1-915c-d963950d210b",
|
||
|
"indicator--55dc5719-8f38-475f-b1b7-d963950d210b",
|
||
|
"observed-data--55dc5719-878c-4560-936a-d963950d210b",
|
||
|
"url--55dc5719-878c-4560-936a-d963950d210b",
|
||
|
"indicator--55dc5719-57d4-455a-aa2b-d963950d210b",
|
||
|
"indicator--55dc5719-88c4-45cd-b4b3-d963950d210b",
|
||
|
"observed-data--55dc5719-5814-496b-908d-d963950d210b",
|
||
|
"url--55dc5719-5814-496b-908d-d963950d210b",
|
||
|
"indicator--55dc571a-8414-4e93-aaa4-d963950d210b",
|
||
|
"indicator--55dc571a-0910-4e39-979e-d963950d210b",
|
||
|
"observed-data--55dc571a-1e3c-49e7-a402-d963950d210b",
|
||
|
"url--55dc571a-1e3c-49e7-a402-d963950d210b",
|
||
|
"indicator--55dc571a-5a70-4f22-aa88-d963950d210b",
|
||
|
"indicator--55dc571b-0268-4c1e-8b9a-d963950d210b",
|
||
|
"observed-data--55dc571b-6ec4-4d3b-a698-d963950d210b",
|
||
|
"url--55dc571b-6ec4-4d3b-a698-d963950d210b",
|
||
|
"indicator--55dc571b-3cfc-423d-93ba-d963950d210b",
|
||
|
"indicator--55dc571b-ade0-4681-aa11-d963950d210b",
|
||
|
"observed-data--55dc571b-dc50-490d-afd4-d963950d210b",
|
||
|
"url--55dc571b-dc50-490d-afd4-d963950d210b",
|
||
|
"indicator--55dc571c-9be0-4d77-91c7-d963950d210b",
|
||
|
"indicator--55dc571c-6e98-440f-8910-d963950d210b",
|
||
|
"observed-data--55dc571c-7644-43d2-8a93-d963950d210b",
|
||
|
"url--55dc571c-7644-43d2-8a93-d963950d210b",
|
||
|
"indicator--55dc571c-70e0-4881-8621-d963950d210b",
|
||
|
"indicator--55dc571c-4628-4d5e-a80e-d963950d210b",
|
||
|
"observed-data--55dc571d-02d4-4af5-8d5d-d963950d210b",
|
||
|
"url--55dc571d-02d4-4af5-8d5d-d963950d210b",
|
||
|
"indicator--55dc571d-e548-4496-8178-d963950d210b",
|
||
|
"indicator--55dc571d-5930-41d2-9772-d963950d210b",
|
||
|
"observed-data--55dc571d-da7c-4484-844f-d963950d210b",
|
||
|
"url--55dc571d-da7c-4484-844f-d963950d210b",
|
||
|
"indicator--55dc571e-5170-4f78-b475-d963950d210b",
|
||
|
"indicator--55dc571e-9a20-483c-b155-d963950d210b",
|
||
|
"observed-data--55dc571e-329c-496b-bf49-d963950d210b",
|
||
|
"url--55dc571e-329c-496b-bf49-d963950d210b",
|
||
|
"indicator--55dc571e-2cd0-4f69-a7eb-d963950d210b",
|
||
|
"indicator--55dc571e-46c4-4afd-bc65-d963950d210b",
|
||
|
"observed-data--55dc571f-ad10-408c-a6ef-d963950d210b",
|
||
|
"url--55dc571f-ad10-408c-a6ef-d963950d210b",
|
||
|
"indicator--55dc571f-98bc-4cd2-b74a-d963950d210b",
|
||
|
"indicator--55dc571f-f8cc-4c12-85db-d963950d210b",
|
||
|
"observed-data--55dc571f-e998-40ff-8215-d963950d210b",
|
||
|
"url--55dc571f-e998-40ff-8215-d963950d210b",
|
||
|
"indicator--55dc571f-0874-4b50-b2e1-d963950d210b",
|
||
|
"indicator--55dc5720-8138-48a4-969e-d963950d210b",
|
||
|
"observed-data--55dc5720-59e0-40c3-9547-d963950d210b",
|
||
|
"url--55dc5720-59e0-40c3-9547-d963950d210b",
|
||
|
"indicator--55dc5720-54dc-48a8-a0b1-d963950d210b",
|
||
|
"indicator--55dc5720-bfe4-49c9-89ea-d963950d210b",
|
||
|
"observed-data--55dc5720-35dc-4793-b608-d963950d210b",
|
||
|
"url--55dc5720-35dc-4793-b608-d963950d210b",
|
||
|
"indicator--55dc5721-5b38-415b-bf95-d963950d210b",
|
||
|
"indicator--55dc5721-7790-4a7c-b35f-d963950d210b",
|
||
|
"observed-data--55dc5721-b5d8-4d95-b3bf-d963950d210b",
|
||
|
"url--55dc5721-b5d8-4d95-b3bf-d963950d210b",
|
||
|
"indicator--55dc5721-2978-497b-b2d7-d963950d210b",
|
||
|
"indicator--55dc5722-679c-40d1-81cd-d963950d210b",
|
||
|
"observed-data--55dc5722-04dc-4b02-8360-d963950d210b",
|
||
|
"url--55dc5722-04dc-4b02-8360-d963950d210b",
|
||
|
"indicator--55dc5722-9be4-4ab7-a435-d963950d210b",
|
||
|
"indicator--55dc5722-25ec-4b4e-b3a9-d963950d210b",
|
||
|
"observed-data--55dc5722-6340-418c-98e8-d963950d210b",
|
||
|
"url--55dc5722-6340-418c-98e8-d963950d210b",
|
||
|
"indicator--55dc5723-e984-4284-9adf-d963950d210b",
|
||
|
"indicator--55dc5723-939c-4348-953c-d963950d210b",
|
||
|
"observed-data--55dc5723-4f10-455c-977d-d963950d210b",
|
||
|
"url--55dc5723-4f10-455c-977d-d963950d210b",
|
||
|
"indicator--55dc5723-52b0-47ca-ac5f-d963950d210b",
|
||
|
"indicator--55dc5723-d318-48b0-b0ea-d963950d210b",
|
||
|
"observed-data--55dc5724-289c-45a7-8f54-d963950d210b",
|
||
|
"url--55dc5724-289c-45a7-8f54-d963950d210b",
|
||
|
"indicator--55dc5724-b270-43ec-b4b0-d963950d210b",
|
||
|
"indicator--55dc5724-354c-4f86-aa57-d963950d210b",
|
||
|
"observed-data--55dc5724-55c0-4917-9d19-d963950d210b",
|
||
|
"url--55dc5724-55c0-4917-9d19-d963950d210b",
|
||
|
"indicator--55dc5725-e55c-42b9-b049-d963950d210b",
|
||
|
"indicator--55dc5725-eebc-43e9-904f-d963950d210b",
|
||
|
"observed-data--55dc5725-a614-414f-b5dd-d963950d210b",
|
||
|
"url--55dc5725-a614-414f-b5dd-d963950d210b",
|
||
|
"indicator--55dc5725-1a7c-40a6-98a4-d963950d210b",
|
||
|
"indicator--55dc5725-3d90-4b3c-b0cd-d963950d210b",
|
||
|
"observed-data--55dc5726-bd90-4d38-8566-d963950d210b",
|
||
|
"url--55dc5726-bd90-4d38-8566-d963950d210b",
|
||
|
"indicator--55dc5726-6ce4-4dd9-abea-d963950d210b",
|
||
|
"indicator--55dc5726-1464-4a09-b80a-d963950d210b",
|
||
|
"observed-data--55dc5726-fca8-4b08-a4cb-d963950d210b",
|
||
|
"url--55dc5726-fca8-4b08-a4cb-d963950d210b",
|
||
|
"indicator--55dc5726-3cf0-4ff7-9b54-d963950d210b",
|
||
|
"indicator--55dc5727-7328-494a-8dfe-d963950d210b",
|
||
|
"observed-data--55dc5727-12e8-4ecb-84e7-d963950d210b",
|
||
|
"url--55dc5727-12e8-4ecb-84e7-d963950d210b",
|
||
|
"indicator--55dc5727-9604-4b2e-a33c-d963950d210b",
|
||
|
"indicator--55dc5727-0628-4ec7-8818-d963950d210b",
|
||
|
"observed-data--55dc5728-cce0-4493-98d9-d963950d210b",
|
||
|
"url--55dc5728-cce0-4493-98d9-d963950d210b",
|
||
|
"indicator--55dc5728-ac34-47d7-b7e3-d963950d210b",
|
||
|
"indicator--55dc5728-ee14-4768-b58c-d963950d210b",
|
||
|
"observed-data--55dc5728-802c-4545-b115-d963950d210b",
|
||
|
"url--55dc5728-802c-4545-b115-d963950d210b",
|
||
|
"indicator--55dc5728-97cc-40bd-88ce-d963950d210b",
|
||
|
"indicator--55dc5729-6a0c-4e90-a176-d963950d210b",
|
||
|
"observed-data--55dc5729-2ae8-4305-a41b-d963950d210b",
|
||
|
"url--55dc5729-2ae8-4305-a41b-d963950d210b",
|
||
|
"indicator--55dc5729-2b28-410d-a606-d963950d210b",
|
||
|
"observed-data--55dc5729-ea60-4523-80b5-d963950d210b",
|
||
|
"url--55dc5729-ea60-4523-80b5-d963950d210b",
|
||
|
"indicator--55dc572a-e358-4c90-9ae3-d963950d210b",
|
||
|
"indicator--55dc572a-bbe4-477c-8bfc-d963950d210b",
|
||
|
"observed-data--55dc572a-c374-4dfc-a3b2-d963950d210b",
|
||
|
"url--55dc572a-c374-4dfc-a3b2-d963950d210b",
|
||
|
"indicator--55dc572a-bf3c-46c0-b73c-d963950d210b",
|
||
|
"indicator--55dc572b-5070-49bb-a474-d963950d210b",
|
||
|
"observed-data--55dc572b-4770-4a42-9471-d963950d210b",
|
||
|
"url--55dc572b-4770-4a42-9471-d963950d210b",
|
||
|
"indicator--55dc572b-6cac-4db0-8f14-d963950d210b",
|
||
|
"indicator--55dc572b-5d60-4035-8ae1-d963950d210b",
|
||
|
"observed-data--55dc572b-d61c-4522-b5a1-d963950d210b",
|
||
|
"url--55dc572b-d61c-4522-b5a1-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"Threat-Report",
|
||
|
"misp:tool=\"MISP-STIX-Converter\"",
|
||
|
"type:OSINT"
|
||
|
],
|
||
|
"object_marking_refs": [
|
||
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55d341ee-1940-4dc3-8e40-04ed950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:32:14.000Z",
|
||
|
"modified": "2015-08-18T14:32:14.000Z",
|
||
|
"first_observed": "2015-08-18T14:32:14Z",
|
||
|
"last_observed": "2015-08-18T14:32:14Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55d341ee-1940-4dc3-8e40-04ed950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55d341ee-1940-4dc3-8e40-04ed950d210b",
|
||
|
"value": "https://www.damballa.com/tracing-ponys-threat-cycle/"
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55d34201-b8fc-405a-ad02-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:32:33.000Z",
|
||
|
"modified": "2015-08-18T14:32:33.000Z",
|
||
|
"first_observed": "2015-08-18T14:32:33Z",
|
||
|
"last_observed": "2015-08-18T14:32:33Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55d34201-b8fc-405a-ad02-025f950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55d34201-b8fc-405a-ad02-025f950d210b",
|
||
|
"value": "https://github.com/damballa/Threat-research/tree/master/IOCs/ponyup"
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55d34201-2c68-426a-a276-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:32:33.000Z",
|
||
|
"modified": "2015-08-18T14:32:33.000Z",
|
||
|
"first_observed": "2015-08-18T14:32:33Z",
|
||
|
"last_observed": "2015-08-18T14:32:33Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55d34201-2c68-426a-a276-025f950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55d34201-2c68-426a-a276-025f950d210b",
|
||
|
"value": "https://www.damballa.com/wp-content/uploads/2015/08/Damballa_PonyUp.pdf"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421c-4144-4495-8a98-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:00.000Z",
|
||
|
"modified": "2015-08-18T14:33:00.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '2a1a0eb2b6071c56f25c4304c555da350d67c99a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421c-0c24-48b2-af63-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:00.000Z",
|
||
|
"modified": "2015-08-18T14:33:00.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '3f548e9f4f8b1c1ee9341055a75345e1d2b4358a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421c-a594-49d7-bdbc-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:00.000Z",
|
||
|
"modified": "2015-08-18T14:33:00.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '5b85b8cd91539f19f0d0cb2fc692722bc944f32a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421c-e300-44d9-bcbc-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:00.000Z",
|
||
|
"modified": "2015-08-18T14:33:00.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '8ab7df1193c9a3f6ad33426b634c581939dc9281']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421c-0a68-432f-ae7c-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:00.000Z",
|
||
|
"modified": "2015-08-18T14:33:00.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '12cb416b69ffc56c12aad92f95040603261dc217']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421d-d4f4-4d2e-8c44-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:01.000Z",
|
||
|
"modified": "2015-08-18T14:33:01.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '83f1b17fb18fc0ad14ce1bbf2a5d165404edef93']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421d-c0e8-4b0b-b41e-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:01.000Z",
|
||
|
"modified": "2015-08-18T14:33:01.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '92d4c9117fb2fe48333e71822e433807fb5198c4']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421d-ea98-448a-bc62-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:01.000Z",
|
||
|
"modified": "2015-08-18T14:33:01.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '496f84635f216e93d9661a403e43ff1903a2a2e8']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421d-1940-4b2d-9974-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:01.000Z",
|
||
|
"modified": "2015-08-18T14:33:01.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '4398c2b731f4939414bba70aac5260ff1d1ae865']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421d-e430-44fc-861f-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:01.000Z",
|
||
|
"modified": "2015-08-18T14:33:01.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '93327b8105ea5f67a5a5bcb3ffe9b8cbe75185d0']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421e-8494-4b26-914e-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:02.000Z",
|
||
|
"modified": "2015-08-18T14:33:02.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'a7c016bee0766f57f6a977f248c45cf06de5ab00']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421e-dbd4-42f0-bb54-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:02.000Z",
|
||
|
"modified": "2015-08-18T14:33:02.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'b2abfaa9d14435a5b079b847a039b57b4036836c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421e-97b8-4579-a32a-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:02.000Z",
|
||
|
"modified": "2015-08-18T14:33:02.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'b4a3ad2992af82d739d4eb110fab6966479ffd62']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421e-f004-43e0-b6f7-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:02.000Z",
|
||
|
"modified": "2015-08-18T14:33:02.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'bbece44ad7d76ffc70239cc97f5238de01ce6ccd']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421e-f600-4b48-a815-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:02.000Z",
|
||
|
"modified": "2015-08-18T14:33:02.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'c707f688eff865b1f40dcb5dddd130b508d8e589']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421f-8684-4f32-900b-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:03.000Z",
|
||
|
"modified": "2015-08-18T14:33:03.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'd3ab3f733ad076546abb7debc3c79575083ec6d0']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:03Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421f-4044-4270-8164-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:03.000Z",
|
||
|
"modified": "2015-08-18T14:33:03.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'd9d9ba96bfce361002a7bec53db95390f72c3e0b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:03Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421f-19a8-4050-82e2-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:03.000Z",
|
||
|
"modified": "2015-08-18T14:33:03.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'de5cdbec6ce4a38f9938944aa82fe8d30ae20171']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:03Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421f-235c-49a8-9f7b-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:03.000Z",
|
||
|
"modified": "2015-08-18T14:33:03.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'e11f512fb681ec2c5333da75dcd64f28bcfa5e3c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:03Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421f-fbdc-416c-9c21-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:03.000Z",
|
||
|
"modified": "2015-08-18T14:33:03.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'eecbe32d493d3a5eaef2d6720e0d0cdfb8bc175c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:03Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3421f-db08-455d-bdac-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:03.000Z",
|
||
|
"modified": "2015-08-18T14:33:03.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'f1fa5d774901995234fdfedb562953c6ed4c9eff']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:03Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34220-2054-4c3a-aec6-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:04.000Z",
|
||
|
"modified": "2015-08-18T14:33:04.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'f6d69a32f36e3d2e8a2b69acfd932e04ed3d2002']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:04Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34220-dd58-4116-add3-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:04.000Z",
|
||
|
"modified": "2015-08-18T14:33:04.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'f13fa4951edddea82255db0de91a0c17f1b947b1']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:04Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34220-d50c-46a2-b001-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:04.000Z",
|
||
|
"modified": "2015-08-18T14:33:04.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '1f5be0bd8fa955cfd11be6fb35210bb398eed193']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:04Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34220-0a88-4457-a86d-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:04.000Z",
|
||
|
"modified": "2015-08-18T14:33:04.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '8b6619e4d4ef2297a18e8dd3aad9dda93883d574']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:04Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34220-5e58-403f-8daa-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:04.000Z",
|
||
|
"modified": "2015-08-18T14:33:04.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '071b754bffa96101bf8c563ad7efd4df3f221b2e']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:04Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34221-db8c-4092-b89b-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:05.000Z",
|
||
|
"modified": "2015-08-18T14:33:05.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '462fe924876597a9396999dd24773e8ed9746997']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34221-50e8-4af1-aafa-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:05.000Z",
|
||
|
"modified": "2015-08-18T14:33:05.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '653cccc1daa752da24a9afbdad0449baae07bf1c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34221-de6c-4163-bdba-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:05.000Z",
|
||
|
"modified": "2015-08-18T14:33:05.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '4011a69c7dcc5d1f903f2f777fb3e35de748c8a3']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34221-f9d0-4b57-af26-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:05.000Z",
|
||
|
"modified": "2015-08-18T14:33:05.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '8422d870ebcafeb6c51142f1a95cc5b8f64b43ba']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34221-683c-4106-8585-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:05.000Z",
|
||
|
"modified": "2015-08-18T14:33:05.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '48593abe9a8543c9183e375fc185fd97c28f3549']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34222-9928-4a34-a1be-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:06.000Z",
|
||
|
"modified": "2015-08-18T14:33:06.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '61481016dace6765a485f32fd52760b2fb9b95ec']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:06Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34222-1964-4b18-97f0-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:06.000Z",
|
||
|
"modified": "2015-08-18T14:33:06.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'e9c2d14bd123fa727ea5691c21374e88e95f877d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:06Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34222-8014-4417-9964-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:06.000Z",
|
||
|
"modified": "2015-08-18T14:33:06.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'dda088b93f203845bca009a850b89b3a2cdf3538']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:06Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34222-0d28-4223-9a31-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:06.000Z",
|
||
|
"modified": "2015-08-18T14:33:06.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'edc9c1929ff20950b99c42e22f3f448591351ce4']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:06Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34222-12c0-4452-9ce3-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:06.000Z",
|
||
|
"modified": "2015-08-18T14:33:06.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'b31423f986f562ae2070b5d103435a2bd0783762']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:06Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34223-4000-46a5-ac5f-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:07.000Z",
|
||
|
"modified": "2015-08-18T14:33:07.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'dc31cbded9d2afc0a8bcf9eea731712abaf12dfb']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:07Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34223-4bcc-41ae-a9dc-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:07.000Z",
|
||
|
"modified": "2015-08-18T14:33:07.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '2ca92663a66a5b2047a921f746be56674fa05631']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:07Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34223-f6ec-48e3-97ed-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:07.000Z",
|
||
|
"modified": "2015-08-18T14:33:07.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'baea5192f69d7942722138445ed74c5a9909d255']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:07Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34223-fc0c-4e5b-b776-04ca950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:07.000Z",
|
||
|
"modified": "2015-08-18T14:33:07.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'ee051a2a04c0caf6ff81db0542ca3fa35b05c7b4']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:07Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "External analysis"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"External analysis\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34231-e0cc-4698-865c-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:21.000Z",
|
||
|
"modified": "2015-08-18T14:33:21.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.63.154.158']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34231-19cc-44d1-ba2c-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:21.000Z",
|
||
|
"modified": "2015-08-18T14:33:21.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.196.241.203']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34232-900c-46b9-be6a-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:22.000Z",
|
||
|
"modified": "2015-08-18T14:33:22.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '8.19.117.22']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34232-2844-409d-b91c-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:22.000Z",
|
||
|
"modified": "2015-08-18T14:33:22.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.29.118.23']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34232-5de0-464a-a08d-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:22.000Z",
|
||
|
"modified": "2015-08-18T14:33:22.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.41.42.119']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34232-4f60-49af-9240-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:22.000Z",
|
||
|
"modified": "2015-08-18T14:33:22.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.184.192.214']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34232-763c-4455-9766-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:22.000Z",
|
||
|
"modified": "2015-08-18T14:33:22.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '38.84.134.207']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34233-35b4-4ae8-a508-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:23.000Z",
|
||
|
"modified": "2015-08-18T14:33:23.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.4.145.94']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:23Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34233-37a8-4f4a-9a49-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:23.000Z",
|
||
|
"modified": "2015-08-18T14:33:23.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.30.42.177']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:23Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34233-6640-4fbd-9055-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:23.000Z",
|
||
|
"modified": "2015-08-18T14:33:23.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.30.42.234']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:23Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34233-be60-4376-b327-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:23.000Z",
|
||
|
"modified": "2015-08-18T14:33:23.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.161.40.108']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:23Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34233-4ca8-47bf-8b88-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:23.000Z",
|
||
|
"modified": "2015-08-18T14:33:23.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.166.168.79']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:23Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34234-f5e4-415e-92c7-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:24.000Z",
|
||
|
"modified": "2015-08-18T14:33:24.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.75.196.124']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:24Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34234-2714-478d-b025-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:24.000Z",
|
||
|
"modified": "2015-08-18T14:33:24.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.76.179.132']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:24Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34234-f1ac-4c3b-8bcb-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:24.000Z",
|
||
|
"modified": "2015-08-18T14:33:24.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.173.145.8']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:24Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34234-900c-4459-811a-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:24.000Z",
|
||
|
"modified": "2015-08-18T14:33:24.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '67.215.66.146']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:24Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34234-8ba8-4240-8996-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:24.000Z",
|
||
|
"modified": "2015-08-18T14:33:24.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '77.246.146.74']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:24Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34235-53c4-470b-bbad-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:25.000Z",
|
||
|
"modified": "2015-08-18T14:33:25.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.46.236.2']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:25Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34235-bbec-40f4-8901-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:25.000Z",
|
||
|
"modified": "2015-08-18T14:33:25.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.136.221.141']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:25Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34235-7a40-4daf-beab-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:25.000Z",
|
||
|
"modified": "2015-08-18T14:33:25.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '79.124.13.18']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:25Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34235-0bf0-4db3-a0e5-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:25.000Z",
|
||
|
"modified": "2015-08-18T14:33:25.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.78.245.84']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:25Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34235-0a2c-4f00-a380-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:25.000Z",
|
||
|
"modified": "2015-08-18T14:33:25.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '84.19.176.23']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:25Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34236-f59c-4e5c-b38c-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:26.000Z",
|
||
|
"modified": "2015-08-18T14:33:26.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.198.231.109']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:26Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34236-922c-4f7f-914a-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:26.000Z",
|
||
|
"modified": "2015-08-18T14:33:26.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.144.2.154']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:26Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34236-06d0-4e98-947e-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:26.000Z",
|
||
|
"modified": "2015-08-18T14:33:26.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.194.254.82']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:26Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34236-2808-49dd-8b66-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:26.000Z",
|
||
|
"modified": "2015-08-18T14:33:26.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.194.254.224']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:26Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34236-e2a8-4ab3-a3c1-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:26.000Z",
|
||
|
"modified": "2015-08-18T14:33:26.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.194.254.236']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:26Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34237-ebf0-45b3-b5b0-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:27.000Z",
|
||
|
"modified": "2015-08-18T14:33:27.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.200.14.95']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:27Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34237-61ec-48ba-bfd9-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:27.000Z",
|
||
|
"modified": "2015-08-18T14:33:27.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.203.5.186']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:27Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34237-a36c-4fe0-9d9a-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:27.000Z",
|
||
|
"modified": "2015-08-18T14:33:27.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.217.90.137']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:27Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34237-fd88-4876-8ca0-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:27.000Z",
|
||
|
"modified": "2015-08-18T14:33:27.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.219.28.5']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:27Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34237-3e8c-48fd-b64d-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:27.000Z",
|
||
|
"modified": "2015-08-18T14:33:27.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.220.131.16']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:27Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34238-18a0-4ab7-b787-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:28.000Z",
|
||
|
"modified": "2015-08-18T14:33:28.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.220.131.17']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:28Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34238-a9ac-494e-be08-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:28.000Z",
|
||
|
"modified": "2015-08-18T14:33:28.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.220.131.109']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:28Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34238-2a54-4a9a-8f7b-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:28.000Z",
|
||
|
"modified": "2015-08-18T14:33:28.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.220.131.241']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:28Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34238-7fe8-499c-9ada-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:28.000Z",
|
||
|
"modified": "2015-08-18T14:33:28.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.221.36.140']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:28Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34238-6fbc-4a89-9331-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:28.000Z",
|
||
|
"modified": "2015-08-18T14:33:28.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.221.36.165']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:28Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34238-ff28-408a-9333-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:28.000Z",
|
||
|
"modified": "2015-08-18T14:33:28.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.226.212.142']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:28Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34239-b79c-4af0-8368-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:29.000Z",
|
||
|
"modified": "2015-08-18T14:33:29.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.238.83.110']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:29Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34239-237c-4d58-a07c-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:29.000Z",
|
||
|
"modified": "2015-08-18T14:33:29.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.63.96.8']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:29Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34239-e750-4358-b615-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:29.000Z",
|
||
|
"modified": "2015-08-18T14:33:29.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.222.98.108']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:29Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34239-f390-4787-9f88-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:29.000Z",
|
||
|
"modified": "2015-08-18T14:33:29.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '93.170.131.30']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:29Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34239-f064-4777-b8f9-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:29.000Z",
|
||
|
"modified": "2015-08-18T14:33:29.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '93.171.202.158']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:29Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423a-5fa4-49b6-946c-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:30.000Z",
|
||
|
"modified": "2015-08-18T14:33:30.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '93.171.202.172']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:30Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423a-9af8-4153-83dc-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:30.000Z",
|
||
|
"modified": "2015-08-18T14:33:30.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '93.189.42.8']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:30Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423a-6898-4a08-809b-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:30.000Z",
|
||
|
"modified": "2015-08-18T14:33:30.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '93.189.42.18']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:30Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423a-7050-47ab-a102-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:30.000Z",
|
||
|
"modified": "2015-08-18T14:33:30.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.242.57.106']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:30Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423a-ecbc-470a-b91d-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:30.000Z",
|
||
|
"modified": "2015-08-18T14:33:30.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.128.181.236']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:30Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423b-9b68-4930-a1eb-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:31.000Z",
|
||
|
"modified": "2015-08-18T14:33:31.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.211.197.232']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:31Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423b-0828-4efb-b4dc-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:31.000Z",
|
||
|
"modified": "2015-08-18T14:33:31.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.213.147.98']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:31Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423b-0838-478a-893d-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:31.000Z",
|
||
|
"modified": "2015-08-18T14:33:31.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.207.150.236']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:31Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423b-fd90-4384-8409-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:31.000Z",
|
||
|
"modified": "2015-08-18T14:33:31.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.236.11.88']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:31Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423b-3cf0-4b8f-986b-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:31.000Z",
|
||
|
"modified": "2015-08-18T14:33:31.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.170.217.209']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:31Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423c-c660-4de5-a0cb-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:32.000Z",
|
||
|
"modified": "2015-08-18T14:33:32.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.234.34.57']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:32Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423c-5b50-4f6f-b594-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:32.000Z",
|
||
|
"modified": "2015-08-18T14:33:32.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.234.37.184']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:32Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423c-b5f8-4668-a248-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:32.000Z",
|
||
|
"modified": "2015-08-18T14:33:32.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '144.76.232.44']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:32Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423c-e2f4-4ac1-9ee7-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:32.000Z",
|
||
|
"modified": "2015-08-18T14:33:32.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '146.120.110.147']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:32Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423c-a64c-4a95-810a-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:32.000Z",
|
||
|
"modified": "2015-08-18T14:33:32.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '148.251.34.82']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:32Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423d-946c-4960-9606-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:33.000Z",
|
||
|
"modified": "2015-08-18T14:33:33.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '151.80.72.64']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:33Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423d-bcf0-46f2-9072-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:33.000Z",
|
||
|
"modified": "2015-08-18T14:33:33.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '151.248.113.8']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:33Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423d-a0bc-425b-a07b-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:33.000Z",
|
||
|
"modified": "2015-08-18T14:33:33.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '162.244.32.164']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:33Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423d-da94-4e54-8adf-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:33.000Z",
|
||
|
"modified": "2015-08-18T14:33:33.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.31.66.130']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:33Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423d-f84c-41ba-ac89-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:33.000Z",
|
||
|
"modified": "2015-08-18T14:33:33.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.103.48.223']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:33Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423e-684c-4955-b532-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:34.000Z",
|
||
|
"modified": "2015-08-18T14:33:34.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.103.49.219']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:34Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423e-9798-402f-ae5b-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:34.000Z",
|
||
|
"modified": "2015-08-18T14:33:34.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.111.63.100']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:34Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423e-f2fc-4cc9-9d90-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:34.000Z",
|
||
|
"modified": "2015-08-18T14:33:34.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.208.78.76']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:34Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423e-71dc-4cd7-a211-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:34.000Z",
|
||
|
"modified": "2015-08-18T14:33:34.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.208.91.229']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:34Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423e-df38-494b-9c07-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:34.000Z",
|
||
|
"modified": "2015-08-18T14:33:34.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.8.60.231']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:34Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423f-3d80-43d1-9215-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:35.000Z",
|
||
|
"modified": "2015-08-18T14:33:35.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.17.121.148']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:35Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423f-7994-4749-b1a0-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:35.000Z",
|
||
|
"modified": "2015-08-18T14:33:35.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.18.52.127']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:35Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423f-8768-4bfe-a07d-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:35.000Z",
|
||
|
"modified": "2015-08-18T14:33:35.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.18.53.247']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:35Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423f-fa34-4516-9823-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:35.000Z",
|
||
|
"modified": "2015-08-18T14:33:35.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.86.76.168']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:35Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3423f-b728-4747-8187-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:35.000Z",
|
||
|
"modified": "2015-08-18T14:33:35.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.87.48.200']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:35Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34240-0270-4817-904e-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:36.000Z",
|
||
|
"modified": "2015-08-18T14:33:36.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.91.175.94']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:36Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34240-9f48-4787-bc70-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:36.000Z",
|
||
|
"modified": "2015-08-18T14:33:36.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.120.246.249']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:36Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34240-98e0-4130-8177-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:36.000Z",
|
||
|
"modified": "2015-08-18T14:33:36.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.127.249.198']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:36Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34240-c570-4d15-b3be-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:36.000Z",
|
||
|
"modified": "2015-08-18T14:33:36.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.138.108.153']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:36Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34240-50fc-46d4-b3fa-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:36.000Z",
|
||
|
"modified": "2015-08-18T14:33:36.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '191.101.20.165']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:36Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34240-e404-4f4e-8c72-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:36.000Z",
|
||
|
"modified": "2015-08-18T14:33:36.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '191.101.21.219']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:36Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34241-7b38-4694-b3ff-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:37.000Z",
|
||
|
"modified": "2015-08-18T14:33:37.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.26.217.209']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:37Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34241-c858-487d-b8b8-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:37.000Z",
|
||
|
"modified": "2015-08-18T14:33:37.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.36.35.78']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:37Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34241-7a90-4a5f-93c4-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:37.000Z",
|
||
|
"modified": "2015-08-18T14:33:37.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.169.86.174']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:37Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34241-a760-4eff-b7be-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:37.000Z",
|
||
|
"modified": "2015-08-18T14:33:37.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.6.233.37']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:37Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34241-3278-4c20-952c-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:37.000Z",
|
||
|
"modified": "2015-08-18T14:33:37.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.62.52.35']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:37Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34242-c598-4e00-97b0-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:38.000Z",
|
||
|
"modified": "2015-08-18T14:33:38.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '199.59.243.120']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:38Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34242-7300-4324-934a-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:38.000Z",
|
||
|
"modified": "2015-08-18T14:33:38.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '206.54.183.106']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:38Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34242-b810-4c04-8a35-025f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:33:38.000Z",
|
||
|
"modified": "2015-08-18T14:33:38.000Z",
|
||
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.152.181.66']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:33:38Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-dst\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425b-0ba8-4ee6-9dc0-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:03.000Z",
|
||
|
"modified": "2015-08-18T14:34:03.000Z",
|
||
|
"pattern": "[domain-name:value = 'aningritoron.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:03Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425c-d5b4-471a-b8cc-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:04.000Z",
|
||
|
"modified": "2015-08-18T14:34:04.000Z",
|
||
|
"pattern": "[domain-name:value = 'aningutterbut.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:04Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425c-e2a8-441b-af86-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:04.000Z",
|
||
|
"modified": "2015-08-18T14:34:04.000Z",
|
||
|
"pattern": "[domain-name:value = 'appridefirstcom.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:04Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425c-b6d4-42e0-b586-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:04.000Z",
|
||
|
"modified": "2015-08-18T14:34:04.000Z",
|
||
|
"pattern": "[domain-name:value = 'arwahengo.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:04Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425c-bf18-4ad5-9eed-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:04.000Z",
|
||
|
"modified": "2015-08-18T14:34:04.000Z",
|
||
|
"pattern": "[domain-name:value = 'atorrenevent.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:04Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425c-bcbc-4ce2-80f8-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:04.000Z",
|
||
|
"modified": "2015-08-18T14:34:04.000Z",
|
||
|
"pattern": "[domain-name:value = 'banqulerroman.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:04Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425d-1a70-436e-924b-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:05.000Z",
|
||
|
"modified": "2015-08-18T14:34:05.000Z",
|
||
|
"pattern": "[domain-name:value = 'behesjusrat.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425d-49f0-4273-9a23-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:05.000Z",
|
||
|
"modified": "2015-08-18T14:34:05.000Z",
|
||
|
"pattern": "[domain-name:value = 'butledtinve.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425d-d2f8-43f4-a97f-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:05.000Z",
|
||
|
"modified": "2015-08-18T14:34:05.000Z",
|
||
|
"pattern": "[domain-name:value = 'continental-transit-mail.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425d-bed0-4e64-8a74-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:05.000Z",
|
||
|
"modified": "2015-08-18T14:34:05.000Z",
|
||
|
"pattern": "[domain-name:value = 'continental-transitmail.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425d-e638-47f9-8bb9-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:05.000Z",
|
||
|
"modified": "2015-08-18T14:34:05.000Z",
|
||
|
"pattern": "[domain-name:value = 'cyheckledand.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425e-ff74-4804-acdc-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:06.000Z",
|
||
|
"modified": "2015-08-18T14:34:06.000Z",
|
||
|
"pattern": "[domain-name:value = 'dcfastgroup.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:06Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425e-3098-4eb9-9466-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:06.000Z",
|
||
|
"modified": "2015-08-18T14:34:06.000Z",
|
||
|
"pattern": "[domain-name:value = 'deadfishup.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:06Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425e-d8e8-450c-a101-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:06.000Z",
|
||
|
"modified": "2015-08-18T14:34:06.000Z",
|
||
|
"pattern": "[domain-name:value = 'debulittro.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:06Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425e-c9c8-4db5-83a9-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:06.000Z",
|
||
|
"modified": "2015-08-18T14:34:06.000Z",
|
||
|
"pattern": "[domain-name:value = 'destnarrowweek.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:06Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425e-b538-4b2b-8354-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:06.000Z",
|
||
|
"modified": "2015-08-18T14:34:06.000Z",
|
||
|
"pattern": "[domain-name:value = 'doclibrarymk.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:06Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425f-75f0-40cc-8f46-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:07.000Z",
|
||
|
"modified": "2015-08-18T14:34:07.000Z",
|
||
|
"pattern": "[domain-name:value = 'docscountry.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:07Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425f-0004-434d-a0dd-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:07.000Z",
|
||
|
"modified": "2015-08-18T14:34:07.000Z",
|
||
|
"pattern": "[domain-name:value = 'doctrashformater.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:07Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425f-4ed0-4e42-b5fb-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:07.000Z",
|
||
|
"modified": "2015-08-18T14:34:07.000Z",
|
||
|
"pattern": "[domain-name:value = 'document-fast-cloud.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:07Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425f-90d0-453a-9a8a-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:07.000Z",
|
||
|
"modified": "2015-08-18T14:34:07.000Z",
|
||
|
"pattern": "[domain-name:value = 'document-organizer.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:07Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3425f-af5c-473c-bfdd-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:07.000Z",
|
||
|
"modified": "2015-08-18T14:34:07.000Z",
|
||
|
"pattern": "[domain-name:value = 'document-qiew-online.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:07Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34260-d1b4-4006-b22b-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:08.000Z",
|
||
|
"modified": "2015-08-18T14:34:08.000Z",
|
||
|
"pattern": "[domain-name:value = 'document-searcher.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:08Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34260-5360-4273-8005-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:08.000Z",
|
||
|
"modified": "2015-08-18T14:34:08.000Z",
|
||
|
"pattern": "[domain-name:value = 'document-view-online.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:08Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34260-6ca0-46d4-b2aa-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:08.000Z",
|
||
|
"modified": "2015-08-18T14:34:08.000Z",
|
||
|
"pattern": "[domain-name:value = 'documentfacilitysec.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:08Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34260-9ef4-4170-972c-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:08.000Z",
|
||
|
"modified": "2015-08-18T14:34:08.000Z",
|
||
|
"pattern": "[domain-name:value = 'documentsecurestorage.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:08Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34260-5af0-4a3e-861d-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:08.000Z",
|
||
|
"modified": "2015-08-18T14:34:08.000Z",
|
||
|
"pattern": "[domain-name:value = 'documenttargettrace.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:08Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34261-0c74-4ecc-8f49-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:09.000Z",
|
||
|
"modified": "2015-08-18T14:34:09.000Z",
|
||
|
"pattern": "[domain-name:value = 'docustoragebank.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:09Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34261-c530-48b8-a1e6-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:09.000Z",
|
||
|
"modified": "2015-08-18T14:34:09.000Z",
|
||
|
"pattern": "[domain-name:value = 'donquertofear.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:09Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34261-4464-4029-a837-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:09.000Z",
|
||
|
"modified": "2015-08-18T14:34:09.000Z",
|
||
|
"pattern": "[domain-name:value = 'doqument-view-online.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:09Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34261-6ed0-4a0d-a38d-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:09.000Z",
|
||
|
"modified": "2015-08-18T14:34:09.000Z",
|
||
|
"pattern": "[domain-name:value = 'dortehthisnet.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:09Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34261-13ec-45ce-9f5d-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:09.000Z",
|
||
|
"modified": "2015-08-18T14:34:09.000Z",
|
||
|
"pattern": "[domain-name:value = 'dortwindfayer.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:09Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34262-5de4-4b84-b1ff-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:10.000Z",
|
||
|
"modified": "2015-08-18T14:34:10.000Z",
|
||
|
"pattern": "[domain-name:value = 'dream-hoster.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:10Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34262-ae40-4fc2-9c51-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:10.000Z",
|
||
|
"modified": "2015-08-18T14:34:10.000Z",
|
||
|
"pattern": "[domain-name:value = 'durtixfanew.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:10Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34262-520c-4b33-bd6c-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:10.000Z",
|
||
|
"modified": "2015-08-18T14:34:10.000Z",
|
||
|
"pattern": "[domain-name:value = 'etritanfe.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:10Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34262-0344-40ba-9390-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:10.000Z",
|
||
|
"modified": "2015-08-18T14:34:10.000Z",
|
||
|
"pattern": "[domain-name:value = 'eventjohnmihim.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:10Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34262-59c4-4ecd-9180-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:10.000Z",
|
||
|
"modified": "2015-08-18T14:34:10.000Z",
|
||
|
"pattern": "[domain-name:value = 'faetsandrep.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:10Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34263-2f24-4ab8-abe6-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:11.000Z",
|
||
|
"modified": "2015-08-18T14:34:11.000Z",
|
||
|
"pattern": "[domain-name:value = 'fastdrozdfund.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:11Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34263-4c44-4898-bead-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:11.000Z",
|
||
|
"modified": "2015-08-18T14:34:11.000Z",
|
||
|
"pattern": "[domain-name:value = 'fastserviceworld.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:11Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34263-d428-4099-873f-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:11.000Z",
|
||
|
"modified": "2015-08-18T14:34:11.000Z",
|
||
|
"pattern": "[domain-name:value = 'fastssamplestrash.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:11Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34263-aa78-490f-8a08-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:11.000Z",
|
||
|
"modified": "2015-08-18T14:34:11.000Z",
|
||
|
"pattern": "[domain-name:value = 'faststornet.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:11Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34263-7c3c-4910-a44a-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:11.000Z",
|
||
|
"modified": "2015-08-18T14:34:11.000Z",
|
||
|
"pattern": "[domain-name:value = 'fenesihert.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:11Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34264-ab04-44f9-a05b-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:12.000Z",
|
||
|
"modified": "2015-08-18T14:34:12.000Z",
|
||
|
"pattern": "[domain-name:value = 'ferginestor.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:12Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34264-5c40-4053-bfd7-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:12.000Z",
|
||
|
"modified": "2015-08-18T14:34:12.000Z",
|
||
|
"pattern": "[domain-name:value = 'fifibabok.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:12Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34264-c294-4092-97d3-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:12.000Z",
|
||
|
"modified": "2015-08-18T14:34:12.000Z",
|
||
|
"pattern": "[domain-name:value = 'finder777.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:12Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34264-a614-4f62-908e-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:12.000Z",
|
||
|
"modified": "2015-08-18T14:34:12.000Z",
|
||
|
"pattern": "[domain-name:value = 'fohenroprab.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:12Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34264-ca68-47e6-9ab3-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:12.000Z",
|
||
|
"modified": "2015-08-18T14:34:12.000Z",
|
||
|
"pattern": "[domain-name:value = 'forcaltonttof.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:12Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34265-61ac-404c-a558-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:13.000Z",
|
||
|
"modified": "2015-08-18T14:34:13.000Z",
|
||
|
"pattern": "[domain-name:value = 'fordahecbet.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:13Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34265-6b84-47a3-8951-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:13.000Z",
|
||
|
"modified": "2015-08-18T14:34:13.000Z",
|
||
|
"pattern": "[domain-name:value = 'formaterdocstras.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:13Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34265-37f0-4364-95cb-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:13.000Z",
|
||
|
"modified": "2015-08-18T14:34:13.000Z",
|
||
|
"pattern": "[domain-name:value = 'fortgureket.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:13Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34265-3c24-460c-bf14-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:13.000Z",
|
||
|
"modified": "2015-08-18T14:34:13.000Z",
|
||
|
"pattern": "[domain-name:value = 'fortuldryhow.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:13Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34265-15d4-4418-82c1-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:13.000Z",
|
||
|
"modified": "2015-08-18T14:34:13.000Z",
|
||
|
"pattern": "[domain-name:value = 'fuckingsfish.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:13Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34266-816c-4ee7-928a-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:14.000Z",
|
||
|
"modified": "2015-08-18T14:34:14.000Z",
|
||
|
"pattern": "[domain-name:value = 'funnyinvoiceorg.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:14Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34266-0388-4482-a6af-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:14.000Z",
|
||
|
"modified": "2015-08-18T14:34:14.000Z",
|
||
|
"pattern": "[domain-name:value = 'gotthendiran.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:14Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34266-49e4-4971-a756-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:14.000Z",
|
||
|
"modified": "2015-08-18T14:34:14.000Z",
|
||
|
"pattern": "[domain-name:value = 'gowasstalpa.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:14Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34266-7898-4560-8b30-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:14.000Z",
|
||
|
"modified": "2015-08-18T14:34:14.000Z",
|
||
|
"pattern": "[domain-name:value = 'gutotdolo.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:14Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34266-c6ec-4f7f-b55a-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:14.000Z",
|
||
|
"modified": "2015-08-18T14:34:14.000Z",
|
||
|
"pattern": "[domain-name:value = 'hapbetrowpar.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:14Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34267-7e0c-415f-88d5-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:15.000Z",
|
||
|
"modified": "2015-08-18T14:34:15.000Z",
|
||
|
"pattern": "[domain-name:value = 'hapwroncihen.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:15Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34267-31f4-463d-9964-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:15.000Z",
|
||
|
"modified": "2015-08-18T14:34:15.000Z",
|
||
|
"pattern": "[domain-name:value = 'harropthenthe.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:15Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34267-b08c-4ccc-bd82-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:15.000Z",
|
||
|
"modified": "2015-08-18T14:34:15.000Z",
|
||
|
"pattern": "[domain-name:value = 'hecunvelac.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:15Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34267-c628-4996-a88c-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:15.000Z",
|
||
|
"modified": "2015-08-18T14:34:15.000Z",
|
||
|
"pattern": "[domain-name:value = 'hedattoftle.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:15Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34267-c598-4eb7-9baa-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:15.000Z",
|
||
|
"modified": "2015-08-18T14:34:15.000Z",
|
||
|
"pattern": "[domain-name:value = 'herssofhaprigh.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:15Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34268-35fc-4552-918f-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:16.000Z",
|
||
|
"modified": "2015-08-18T14:34:16.000Z",
|
||
|
"pattern": "[domain-name:value = 'herstianingun.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:16Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34268-d0b0-4b63-9700-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:16.000Z",
|
||
|
"modified": "2015-08-18T14:34:16.000Z",
|
||
|
"pattern": "[domain-name:value = 'hetonshanver.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:16Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34268-807c-4e37-b4aa-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:16.000Z",
|
||
|
"modified": "2015-08-18T14:34:16.000Z",
|
||
|
"pattern": "[domain-name:value = 'hisruboti.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:16Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34268-4ab0-457d-a63b-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:16.000Z",
|
||
|
"modified": "2015-08-18T14:34:16.000Z",
|
||
|
"pattern": "[domain-name:value = 'ie-form.net']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:16Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34268-6198-4573-8069-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:16.000Z",
|
||
|
"modified": "2015-08-18T14:34:16.000Z",
|
||
|
"pattern": "[domain-name:value = 'iecomp-mail.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:16Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34268-5f28-4ae3-8bc0-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:16.000Z",
|
||
|
"modified": "2015-08-18T14:34:16.000Z",
|
||
|
"pattern": "[domain-name:value = 'infelitthec.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:16Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34269-f7f8-4f02-8227-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:17.000Z",
|
||
|
"modified": "2015-08-18T14:34:17.000Z",
|
||
|
"pattern": "[domain-name:value = 'infodocslibmanagers.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:17Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34269-5114-4fcf-8a5e-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:17.000Z",
|
||
|
"modified": "2015-08-18T14:34:17.000Z",
|
||
|
"pattern": "[domain-name:value = 'inpahauld.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:17Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34269-c808-40f3-bbc9-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:17.000Z",
|
||
|
"modified": "2015-08-18T14:34:17.000Z",
|
||
|
"pattern": "[domain-name:value = 'integrated-express.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:17Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34269-1b34-407e-add1-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:17.000Z",
|
||
|
"modified": "2015-08-18T14:34:17.000Z",
|
||
|
"pattern": "[domain-name:value = 'intexpressform.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:17Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34269-db08-4832-af12-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:17.000Z",
|
||
|
"modified": "2015-08-18T14:34:17.000Z",
|
||
|
"pattern": "[domain-name:value = 'invoicebankstore.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:17Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426a-08d0-409c-8252-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:18.000Z",
|
||
|
"modified": "2015-08-18T14:34:18.000Z",
|
||
|
"pattern": "[domain-name:value = 'invoiceformater.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:18Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426a-6110-4c43-a072-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:18.000Z",
|
||
|
"modified": "2015-08-18T14:34:18.000Z",
|
||
|
"pattern": "[domain-name:value = 'invoicelibrary.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:18Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426a-5aa8-485c-997d-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:18.000Z",
|
||
|
"modified": "2015-08-18T14:34:18.000Z",
|
||
|
"pattern": "[domain-name:value = 'invoiceseclib.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:18Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426a-2654-40f6-83bd-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:18.000Z",
|
||
|
"modified": "2015-08-18T14:34:18.000Z",
|
||
|
"pattern": "[domain-name:value = 'invoicewindow.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:18Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426a-9c28-4828-8d45-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:18.000Z",
|
||
|
"modified": "2015-08-18T14:34:18.000Z",
|
||
|
"pattern": "[domain-name:value = 'ireqinvoiceparm.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:18Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426b-3ff0-4213-be29-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:19.000Z",
|
||
|
"modified": "2015-08-18T14:34:19.000Z",
|
||
|
"pattern": "[domain-name:value = 'johnmiheventim.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:19Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426b-70f8-4e8b-b13a-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:19.000Z",
|
||
|
"modified": "2015-08-18T14:34:19.000Z",
|
||
|
"pattern": "[domain-name:value = 'justhegthathen.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:19Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426b-16ac-492d-af5d-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:19.000Z",
|
||
|
"modified": "2015-08-18T14:34:19.000Z",
|
||
|
"pattern": "[domain-name:value = 'kesedrathow.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:19Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426b-2cb4-459b-ab64-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:19.000Z",
|
||
|
"modified": "2015-08-18T14:34:19.000Z",
|
||
|
"pattern": "[domain-name:value = 'leftterbutbet.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:19Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426c-cf3c-4dca-aeac-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:20.000Z",
|
||
|
"modified": "2015-08-18T14:34:20.000Z",
|
||
|
"pattern": "[domain-name:value = 'lerentoftjohn.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:20Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426c-63a0-4c04-a0c1-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:20.000Z",
|
||
|
"modified": "2015-08-18T14:34:20.000Z",
|
||
|
"pattern": "[domain-name:value = 'logmein-security.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:20Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426c-659c-48ca-932c-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:20.000Z",
|
||
|
"modified": "2015-08-18T14:34:20.000Z",
|
||
|
"pattern": "[domain-name:value = 'logottitne.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:20Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426c-2cd4-4ae8-9e57-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:20.000Z",
|
||
|
"modified": "2015-08-18T14:34:20.000Z",
|
||
|
"pattern": "[domain-name:value = 'maininvoicegate.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:20Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426c-84b4-42df-a02a-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:20.000Z",
|
||
|
"modified": "2015-08-18T14:34:20.000Z",
|
||
|
"pattern": "[domain-name:value = 'manterinvoice.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:20Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426c-65f8-4672-aa3a-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:20.000Z",
|
||
|
"modified": "2015-08-18T14:34:20.000Z",
|
||
|
"pattern": "[domain-name:value = 'manydocsfastrack.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:20Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426d-c668-4e01-8867-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:21.000Z",
|
||
|
"modified": "2015-08-18T14:34:21.000Z",
|
||
|
"pattern": "[domain-name:value = 'menstoreins.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426d-0d18-4440-8756-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:21.000Z",
|
||
|
"modified": "2015-08-18T14:34:21.000Z",
|
||
|
"pattern": "[domain-name:value = 'miafast.org']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426d-88cc-45fc-adcd-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:21.000Z",
|
||
|
"modified": "2015-08-18T14:34:21.000Z",
|
||
|
"pattern": "[domain-name:value = 'midehefo.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426d-7410-4219-bb4d-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:21.000Z",
|
||
|
"modified": "2015-08-18T14:34:21.000Z",
|
||
|
"pattern": "[domain-name:value = 'modelstarinvo.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426d-6d4c-458b-8b0a-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:21.000Z",
|
||
|
"modified": "2015-08-18T14:34:21.000Z",
|
||
|
"pattern": "[domain-name:value = 'moskalskiybodun.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426e-a01c-4692-bc15-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:22.000Z",
|
||
|
"modified": "2015-08-18T14:34:22.000Z",
|
||
|
"pattern": "[domain-name:value = 'moskalvtumane.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426e-dbc4-4588-afce-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:22.000Z",
|
||
|
"modified": "2015-08-18T14:34:22.000Z",
|
||
|
"pattern": "[domain-name:value = 'mostotransfer.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426e-ef10-46c1-aa8c-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:22.000Z",
|
||
|
"modified": "2015-08-18T14:34:22.000Z",
|
||
|
"pattern": "[domain-name:value = 'mydocumentsholder.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426e-be40-40cf-af8d-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:22.000Z",
|
||
|
"modified": "2015-08-18T14:34:22.000Z",
|
||
|
"pattern": "[domain-name:value = 'myfishdown.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426e-e93c-4b87-8589-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:22.000Z",
|
||
|
"modified": "2015-08-18T14:34:22.000Z",
|
||
|
"pattern": "[domain-name:value = 'myrorecrab.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426f-52c0-473e-a8bf-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:23.000Z",
|
||
|
"modified": "2015-08-18T14:34:23.000Z",
|
||
|
"pattern": "[domain-name:value = 'mystoredoc.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:23Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426f-a9ac-4b0c-b6e4-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:23.000Z",
|
||
|
"modified": "2015-08-18T14:34:23.000Z",
|
||
|
"pattern": "[domain-name:value = 'mytorsmired.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:23Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426f-c08c-402e-b9e9-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:23.000Z",
|
||
|
"modified": "2015-08-18T14:34:23.000Z",
|
||
|
"pattern": "[domain-name:value = 'nasedrontit.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:23Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426f-7d30-4858-9bb5-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:23.000Z",
|
||
|
"modified": "2015-08-18T14:34:23.000Z",
|
||
|
"pattern": "[domain-name:value = 'navicompany.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:23Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3426f-a0e8-43f3-9ba1-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:23.000Z",
|
||
|
"modified": "2015-08-18T14:34:23.000Z",
|
||
|
"pattern": "[domain-name:value = 'nestorganje.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:23Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34270-34a4-4cb6-8093-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:24.000Z",
|
||
|
"modified": "2015-08-18T14:34:24.000Z",
|
||
|
"pattern": "[domain-name:value = 'netshipgroup.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:24Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34270-7c54-4d04-b9fb-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:24.000Z",
|
||
|
"modified": "2015-08-18T14:34:24.000Z",
|
||
|
"pattern": "[domain-name:value = 'newstratospheregames.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:24Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34270-dcf0-4a91-ace4-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:24.000Z",
|
||
|
"modified": "2015-08-18T14:34:24.000Z",
|
||
|
"pattern": "[domain-name:value = 'ninghaprewrof.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:24Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34270-8c0c-46a7-ba43-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:24.000Z",
|
||
|
"modified": "2015-08-18T14:34:24.000Z",
|
||
|
"pattern": "[domain-name:value = 'nohissandbo.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:24Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34270-65b0-43c3-bf5e-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:24.000Z",
|
||
|
"modified": "2015-08-18T14:34:24.000Z",
|
||
|
"pattern": "[domain-name:value = 'notleftrofugh.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:24Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34271-d2b8-454c-9ba4-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:25.000Z",
|
||
|
"modified": "2015-08-18T14:34:25.000Z",
|
||
|
"pattern": "[domain-name:value = 'nycosedfor.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:25Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34271-af0c-43d2-9d31-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:25.000Z",
|
||
|
"modified": "2015-08-18T14:34:25.000Z",
|
||
|
"pattern": "[domain-name:value = 'ondereteveng.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:25Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34271-6d6c-4c68-8c00-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:25.000Z",
|
||
|
"modified": "2015-08-18T14:34:25.000Z",
|
||
|
"pattern": "[domain-name:value = 'ortandahan.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:25Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34271-3754-4909-9ab3-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:25.000Z",
|
||
|
"modified": "2015-08-18T14:34:25.000Z",
|
||
|
"pattern": "[domain-name:value = 'padetitdidn.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:25Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34271-e008-44df-9520-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:25.000Z",
|
||
|
"modified": "2015-08-18T14:34:25.000Z",
|
||
|
"pattern": "[domain-name:value = 'pardijusat.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:25Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34272-2fac-4239-bbff-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:26.000Z",
|
||
|
"modified": "2015-08-18T14:34:26.000Z",
|
||
|
"pattern": "[domain-name:value = 'parterledhed.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:26Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34272-5e38-460a-94a1-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:26.000Z",
|
||
|
"modified": "2015-08-18T14:34:26.000Z",
|
||
|
"pattern": "[domain-name:value = 'pasnirthland.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:26Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34272-5c90-4a40-86a1-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:26.000Z",
|
||
|
"modified": "2015-08-18T14:34:26.000Z",
|
||
|
"pattern": "[domain-name:value = 'pebulelet.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:26Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34272-0a8c-4c72-9ae5-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:26.000Z",
|
||
|
"modified": "2015-08-18T14:34:26.000Z",
|
||
|
"pattern": "[domain-name:value = 'pizdetshuiovosboduna.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:26Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34272-cbf0-4415-8225-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:26.000Z",
|
||
|
"modified": "2015-08-18T14:34:26.000Z",
|
||
|
"pattern": "[domain-name:value = 'podvigtitanika.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:26Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34272-1608-494f-ab7e-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:26.000Z",
|
||
|
"modified": "2015-08-18T14:34:26.000Z",
|
||
|
"pattern": "[domain-name:value = 'poly-poly.net']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:26Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34273-bb8c-4053-8921-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:27.000Z",
|
||
|
"modified": "2015-08-18T14:34:27.000Z",
|
||
|
"pattern": "[domain-name:value = 'randomwfu365.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:27Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34273-7eec-494e-9457-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:27.000Z",
|
||
|
"modified": "2015-08-18T14:34:27.000Z",
|
||
|
"pattern": "[domain-name:value = 'ranrianinghers.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:27Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34273-1e68-427b-9603-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:27.000Z",
|
||
|
"modified": "2015-08-18T14:34:27.000Z",
|
||
|
"pattern": "[domain-name:value = 'rearmheadfire.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:27Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34273-24b8-4b63-aa5c-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:27.000Z",
|
||
|
"modified": "2015-08-18T14:34:27.000Z",
|
||
|
"pattern": "[domain-name:value = 'rebettheligh.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:27Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34273-a58c-403b-b615-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:27.000Z",
|
||
|
"modified": "2015-08-18T14:34:27.000Z",
|
||
|
"pattern": "[domain-name:value = 'rebledughid.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:27Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34274-675c-4d32-a7da-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:28.000Z",
|
||
|
"modified": "2015-08-18T14:34:28.000Z",
|
||
|
"pattern": "[domain-name:value = 'redesparda.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:28Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34274-682c-4825-a604-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:28.000Z",
|
||
|
"modified": "2015-08-18T14:34:28.000Z",
|
||
|
"pattern": "[domain-name:value = 'redwithtertreb.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:28Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34274-6e08-4863-8854-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:28.000Z",
|
||
|
"modified": "2015-08-18T14:34:28.000Z",
|
||
|
"pattern": "[domain-name:value = 'renrefhedked.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:28Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34274-52cc-435b-89f3-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:28.000Z",
|
||
|
"modified": "2015-08-18T14:34:28.000Z",
|
||
|
"pattern": "[domain-name:value = 'renwitedrom.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:28Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34274-4c34-4504-bb88-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:28.000Z",
|
||
|
"modified": "2015-08-18T14:34:28.000Z",
|
||
|
"pattern": "[domain-name:value = 'resqdocsfirm.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:28Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34275-657c-42d7-8837-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:29.000Z",
|
||
|
"modified": "2015-08-18T14:34:29.000Z",
|
||
|
"pattern": "[domain-name:value = 'resughesaning.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:29Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34275-713c-452c-a4c3-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:29.000Z",
|
||
|
"modified": "2015-08-18T14:34:29.000Z",
|
||
|
"pattern": "[domain-name:value = 'righthetoneca.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:29Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34275-bf94-49b3-9f88-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:29.000Z",
|
||
|
"modified": "2015-08-18T14:34:29.000Z",
|
||
|
"pattern": "[domain-name:value = 'rinheckguny.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:29Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34275-50fc-42a7-b1e0-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:29.000Z",
|
||
|
"modified": "2015-08-18T14:34:29.000Z",
|
||
|
"pattern": "[domain-name:value = 'rosupletwas.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:29Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34275-acf4-448f-a90a-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:29.000Z",
|
||
|
"modified": "2015-08-18T14:34:29.000Z",
|
||
|
"pattern": "[domain-name:value = 'sabotierfirst.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:29Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34276-48f0-437a-995e-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:30.000Z",
|
||
|
"modified": "2015-08-18T14:34:30.000Z",
|
||
|
"pattern": "[domain-name:value = 'salecheapflight.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:30Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34276-c608-4e55-a60e-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:30.000Z",
|
||
|
"modified": "2015-08-18T14:34:30.000Z",
|
||
|
"pattern": "[domain-name:value = 'saloross.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:30Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34276-101c-4e56-ae5f-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:30.000Z",
|
||
|
"modified": "2015-08-18T14:34:30.000Z",
|
||
|
"pattern": "[domain-name:value = 'sampledocstrash.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:30Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34276-a210-4d31-9158-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:30.000Z",
|
||
|
"modified": "2015-08-18T14:34:30.000Z",
|
||
|
"pattern": "[domain-name:value = 'secureinvoicedocs.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:30Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34276-1854-4432-8341-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:30.000Z",
|
||
|
"modified": "2015-08-18T14:34:30.000Z",
|
||
|
"pattern": "[domain-name:value = 'sestoreinv.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:30Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34277-14b0-47b4-ba2a-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:31.000Z",
|
||
|
"modified": "2015-08-18T14:34:31.000Z",
|
||
|
"pattern": "[domain-name:value = 'shareinvoicelib.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:31Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34277-5b40-4ce3-85f9-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:31.000Z",
|
||
|
"modified": "2015-08-18T14:34:31.000Z",
|
||
|
"pattern": "[domain-name:value = 'smallconfigs.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:31Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34277-3e94-48c5-98b0-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:31.000Z",
|
||
|
"modified": "2015-08-18T14:34:31.000Z",
|
||
|
"pattern": "[domain-name:value = 'sofforjeclet.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:31Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34277-0be4-4343-9f4a-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:31.000Z",
|
||
|
"modified": "2015-08-18T14:34:31.000Z",
|
||
|
"pattern": "[domain-name:value = 'somedocushare.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:31Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34277-6828-46bc-89be-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:31.000Z",
|
||
|
"modified": "2015-08-18T14:34:31.000Z",
|
||
|
"pattern": "[domain-name:value = 'sparwasssinve.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:31Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34278-9a2c-48ab-bb6a-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:32.000Z",
|
||
|
"modified": "2015-08-18T14:34:32.000Z",
|
||
|
"pattern": "[domain-name:value = 'starinvoicemodel.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:32Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34278-cb84-4794-afa8-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:32.000Z",
|
||
|
"modified": "2015-08-18T14:34:32.000Z",
|
||
|
"pattern": "[domain-name:value = 'talahedtug.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:32Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34278-e594-4ce1-8478-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:32.000Z",
|
||
|
"modified": "2015-08-18T14:34:32.000Z",
|
||
|
"pattern": "[domain-name:value = 'tanhadhidown.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:32Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34278-ed74-438d-8f44-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:32.000Z",
|
||
|
"modified": "2015-08-18T14:34:32.000Z",
|
||
|
"pattern": "[domain-name:value = 'thenjechap.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:32Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34278-7994-404b-8cf4-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:32.000Z",
|
||
|
"modified": "2015-08-18T14:34:32.000Z",
|
||
|
"pattern": "[domain-name:value = 'thenlouldnot.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:32Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34279-8dc4-43e7-99e2-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:33.000Z",
|
||
|
"modified": "2015-08-18T14:34:33.000Z",
|
||
|
"pattern": "[domain-name:value = 'thettoortoft.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:33Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34279-31f4-4404-a79a-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:33.000Z",
|
||
|
"modified": "2015-08-18T14:34:33.000Z",
|
||
|
"pattern": "[domain-name:value = 'ticalharked.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:33Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34279-a640-4f3c-b646-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:33.000Z",
|
||
|
"modified": "2015-08-18T14:34:33.000Z",
|
||
|
"pattern": "[domain-name:value = 'titanikvmoskalii.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:33Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34279-7d90-4b27-bf2b-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:33.000Z",
|
||
|
"modified": "2015-08-18T14:34:33.000Z",
|
||
|
"pattern": "[domain-name:value = 'tofthenningref.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:33Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34279-12d8-4793-a368-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:33.000Z",
|
||
|
"modified": "2015-08-18T14:34:33.000Z",
|
||
|
"pattern": "[domain-name:value = 'toldbiledin.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:33Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d34279-082c-4b7d-bc05-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:33.000Z",
|
||
|
"modified": "2015-08-18T14:34:33.000Z",
|
||
|
"pattern": "[domain-name:value = 'toldontinwi.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:33Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427a-d724-48bc-9b5b-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:34.000Z",
|
||
|
"modified": "2015-08-18T14:34:34.000Z",
|
||
|
"pattern": "[domain-name:value = 'toldronher.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:34Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427a-b9d8-485e-9e41-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:34.000Z",
|
||
|
"modified": "2015-08-18T14:34:34.000Z",
|
||
|
"pattern": "[domain-name:value = 'tonecarighthe.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:34Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427a-f548-4ee4-ad9c-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:34.000Z",
|
||
|
"modified": "2015-08-18T14:34:34.000Z",
|
||
|
"pattern": "[domain-name:value = 'tonsulddijus.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:34Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427a-9704-46ef-80e9-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:34.000Z",
|
||
|
"modified": "2015-08-18T14:34:34.000Z",
|
||
|
"pattern": "[domain-name:value = 'torsmimyred.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:34Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427a-e890-4075-ab13-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:34.000Z",
|
||
|
"modified": "2015-08-18T14:34:34.000Z",
|
||
|
"pattern": "[domain-name:value = 'torssedbabbe.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:34Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427b-2588-4625-93f2-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:35.000Z",
|
||
|
"modified": "2015-08-18T14:34:35.000Z",
|
||
|
"pattern": "[domain-name:value = 'trash4docs.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:35Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427b-454c-4d76-bfc4-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:35.000Z",
|
||
|
"modified": "2015-08-18T14:34:35.000Z",
|
||
|
"pattern": "[domain-name:value = 'trashdocformat.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:35Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427b-05bc-4945-ba02-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:35.000Z",
|
||
|
"modified": "2015-08-18T14:34:35.000Z",
|
||
|
"pattern": "[domain-name:value = 'trashformatdocer.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:35Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427b-ca24-4e2e-b701-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:35.000Z",
|
||
|
"modified": "2015-08-18T14:34:35.000Z",
|
||
|
"pattern": "[domain-name:value = 'trbestbuy.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:35Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427b-9e90-45e8-a6c9-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:35.000Z",
|
||
|
"modified": "2015-08-18T14:34:35.000Z",
|
||
|
"pattern": "[domain-name:value = 'tumanimoskal.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:35Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427c-42f4-44e7-ab2c-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:36.000Z",
|
||
|
"modified": "2015-08-18T14:34:36.000Z",
|
||
|
"pattern": "[domain-name:value = 'tumanmoskalskiy.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:36Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427c-f82c-4080-a6e2-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:36.000Z",
|
||
|
"modified": "2015-08-18T14:34:36.000Z",
|
||
|
"pattern": "[domain-name:value = 'tumanvmoskalii.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:36Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427c-b100-4a86-8fa5-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:36.000Z",
|
||
|
"modified": "2015-08-18T14:34:36.000Z",
|
||
|
"pattern": "[domain-name:value = 'ughimsinna.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:36Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427c-eef8-4848-8370-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:36.000Z",
|
||
|
"modified": "2015-08-18T14:34:36.000Z",
|
||
|
"pattern": "[domain-name:value = 'ughwagerew.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:36Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427c-9194-40f2-88d2-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:36.000Z",
|
||
|
"modified": "2015-08-18T14:34:36.000Z",
|
||
|
"pattern": "[domain-name:value = 'uldhowhedtca.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:36Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427d-706c-456f-843d-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:37.000Z",
|
||
|
"modified": "2015-08-18T14:34:37.000Z",
|
||
|
"pattern": "[domain-name:value = 'undmiredhem.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:37Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427d-98f8-455f-8f78-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:37.000Z",
|
||
|
"modified": "2015-08-18T14:34:37.000Z",
|
||
|
"pattern": "[domain-name:value = 'undvemofo.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:37Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427d-d6bc-4d92-92e4-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:37.000Z",
|
||
|
"modified": "2015-08-18T14:34:37.000Z",
|
||
|
"pattern": "[domain-name:value = 'uttejustrep.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:37Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427d-414c-486c-8592-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:37.000Z",
|
||
|
"modified": "2015-08-18T14:34:37.000Z",
|
||
|
"pattern": "[domain-name:value = 'utwithdehan.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:37Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427d-5a40-4cac-af1e-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:37.000Z",
|
||
|
"modified": "2015-08-18T14:34:37.000Z",
|
||
|
"pattern": "[domain-name:value = 'veetdohi.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:37Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427e-c5ac-4b80-8c16-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:38.000Z",
|
||
|
"modified": "2015-08-18T14:34:38.000Z",
|
||
|
"pattern": "[domain-name:value = 'veronefosof.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:38Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427e-5710-46ea-9db7-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:38.000Z",
|
||
|
"modified": "2015-08-18T14:34:38.000Z",
|
||
|
"pattern": "[domain-name:value = 'video-promo.org']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:38Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427e-03c4-41e0-b956-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:38.000Z",
|
||
|
"modified": "2015-08-18T14:34:38.000Z",
|
||
|
"pattern": "[domain-name:value = 'wantools40.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:38Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427e-c518-4e70-bf09-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:38.000Z",
|
||
|
"modified": "2015-08-18T14:34:38.000Z",
|
||
|
"pattern": "[domain-name:value = 'wastolddinghes.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:38Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427e-fb9c-49c4-a57f-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:38.000Z",
|
||
|
"modified": "2015-08-18T14:34:38.000Z",
|
||
|
"pattern": "[domain-name:value = 'withetborom.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:38Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427f-4c14-4b65-9591-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:39.000Z",
|
||
|
"modified": "2015-08-18T14:34:39.000Z",
|
||
|
"pattern": "[domain-name:value = 'wituldwihow.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:39Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427f-2240-4aa7-a51f-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:39.000Z",
|
||
|
"modified": "2015-08-18T14:34:39.000Z",
|
||
|
"pattern": "[domain-name:value = 'workwithdocuments.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:39Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427f-5e88-41d5-a77d-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:39.000Z",
|
||
|
"modified": "2015-08-18T14:34:39.000Z",
|
||
|
"pattern": "[domain-name:value = 'worldshipone.net']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:39Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55d3427f-e75c-4218-b126-2258950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-18T14:34:39.000Z",
|
||
|
"modified": "2015-08-18T14:34:39.000Z",
|
||
|
"pattern": "[domain-name:value = 'wrononeratwass.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-18T14:34:39Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c4c-c6d8-48e1-b756-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:52.000Z",
|
||
|
"modified": "2015-08-25T11:06:52.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '2ca92663a66a5b2047a921f746be56674fa05631']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:52Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c4c-7484-4830-9c52-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:52.000Z",
|
||
|
"modified": "2015-08-25T11:06:52.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '3f548e9f4f8b1c1ee9341055a75345e1d2b4358a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:52Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c4c-a53c-44a6-98bd-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:52.000Z",
|
||
|
"modified": "2015-08-25T11:06:52.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '4011a69c7dcc5d1f903f2f777fb3e35de748c8a3']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:52Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c4c-4b5c-40df-9ab3-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:52.000Z",
|
||
|
"modified": "2015-08-25T11:06:52.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '4398c2b731f4939414bba70aac5260ff1d1ae865']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:52Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c4c-a3b8-476e-88c1-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:52.000Z",
|
||
|
"modified": "2015-08-25T11:06:52.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '462fe924876597a9396999dd24773e8ed9746997']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:52Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c4d-22ac-4071-b622-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:53.000Z",
|
||
|
"modified": "2015-08-25T11:06:53.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '48593abe9a8543c9183e375fc185fd97c28f3549']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:53Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c4d-4678-48fb-96f1-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:53.000Z",
|
||
|
"modified": "2015-08-25T11:06:53.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '496f84635f216e93d9661a403e43ff1903a2a2e8']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:53Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c4d-8bf8-484a-9a3b-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:53.000Z",
|
||
|
"modified": "2015-08-25T11:06:53.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '5b85b8cd91539f19f0d0cb2fc692722bc944f32a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:53Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c4d-7120-4a1e-9d73-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:53.000Z",
|
||
|
"modified": "2015-08-25T11:06:53.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '61481016dace6765a485f32fd52760b2fb9b95ec']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:53Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c4e-3dfc-46c4-9e15-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:54.000Z",
|
||
|
"modified": "2015-08-25T11:06:54.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '83f1b17fb18fc0ad14ce1bbf2a5d165404edef93']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:54Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c4e-f128-4c48-bf57-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:54.000Z",
|
||
|
"modified": "2015-08-25T11:06:54.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '8422d870ebcafeb6c51142f1a95cc5b8f64b43ba']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:54Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c4e-2264-4e0c-99d4-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:54.000Z",
|
||
|
"modified": "2015-08-25T11:06:54.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '8ab7df1193c9a3f6ad33426b634c581939dc9281']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:54Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c4e-2280-410b-ad38-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:54.000Z",
|
||
|
"modified": "2015-08-25T11:06:54.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '8b6619e4d4ef2297a18e8dd3aad9dda93883d574']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:54Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c4e-1e90-4e39-a841-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:54.000Z",
|
||
|
"modified": "2015-08-25T11:06:54.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '92d4c9117fb2fe48333e71822e433807fb5198c4']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:54Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c4f-2ca4-4fa0-ad63-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:55.000Z",
|
||
|
"modified": "2015-08-25T11:06:55.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = '93327b8105ea5f67a5a5bcb3ffe9b8cbe75185d0']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:55Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "vulnerability",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "vulnerability--55dc4c4f-5a2c-48d4-a736-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:55.000Z",
|
||
|
"modified": "2015-08-25T11:06:55.000Z",
|
||
|
"name": "CVE-2012-1258",
|
||
|
"labels": [
|
||
|
"misp:type=\"vulnerability\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
],
|
||
|
"external_references": [
|
||
|
{
|
||
|
"source_name": "cve",
|
||
|
"external_id": "CVE-2012-1258"
|
||
|
}
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "vulnerability",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "vulnerability--55dc4c4f-863c-4ab7-b80c-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:55.000Z",
|
||
|
"modified": "2015-08-25T11:06:55.000Z",
|
||
|
"name": "CVE-2014-1761",
|
||
|
"labels": [
|
||
|
"misp:type=\"vulnerability\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
],
|
||
|
"external_references": [
|
||
|
{
|
||
|
"source_name": "cve",
|
||
|
"external_id": "CVE-2014-1761"
|
||
|
}
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c4f-4df0-41ae-838d-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:55.000Z",
|
||
|
"modified": "2015-08-25T11:06:55.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'a7c016bee0766f57f6a977f248c45cf06de5ab00']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:55Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c4f-a8cc-49fb-9be3-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:55.000Z",
|
||
|
"modified": "2015-08-25T11:06:55.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'b2abfaa9d14435a5b079b847a039b57b4036836c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:55Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c4f-5ad8-4b9e-91c8-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:55.000Z",
|
||
|
"modified": "2015-08-25T11:06:55.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'b31423f986f562ae2070b5d103435a2bd0783762']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:55Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c50-69b4-4d12-99a0-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:56.000Z",
|
||
|
"modified": "2015-08-25T11:06:56.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'b4a3ad2992af82d739d4eb110fab6966479ffd62']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:56Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c50-7898-4ca2-bf0d-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:56.000Z",
|
||
|
"modified": "2015-08-25T11:06:56.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'baea5192f69d7942722138445ed74c5a9909d255']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:56Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c50-f560-43e5-af4e-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:56.000Z",
|
||
|
"modified": "2015-08-25T11:06:56.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'bbece44ad7d76ffc70239cc97f5238de01ce6ccd']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:56Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c50-fa1c-4f5a-9a5b-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:56.000Z",
|
||
|
"modified": "2015-08-25T11:06:56.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'c707f688eff865b1f40dcb5dddd130b508d8e589']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:56Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c50-402c-4f93-acc4-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:56.000Z",
|
||
|
"modified": "2015-08-25T11:06:56.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'd3ab3f733ad076546abb7debc3c79575083ec6d0']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:56Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c51-0538-46f6-a9d1-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:57.000Z",
|
||
|
"modified": "2015-08-25T11:06:57.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'd9d9ba96bfce361002a7bec53db95390f72c3e0b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:57Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c51-e52c-4740-80cc-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:57.000Z",
|
||
|
"modified": "2015-08-25T11:06:57.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'dc31cbded9d2afc0a8bcf9eea731712abaf12dfb']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:57Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c51-7db0-45bd-b141-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:57.000Z",
|
||
|
"modified": "2015-08-25T11:06:57.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'dda088b93f203845bca009a850b89b3a2cdf3538']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:57Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c51-55ec-4bc4-8182-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:57.000Z",
|
||
|
"modified": "2015-08-25T11:06:57.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'de5cdbec6ce4a38f9938944aa82fe8d30ae20171']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:57Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c52-bb18-4a0c-8748-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:58.000Z",
|
||
|
"modified": "2015-08-25T11:06:58.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'e11f512fb681ec2c5333da75dcd64f28bcfa5e3c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:58Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c52-4a24-4824-91b0-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:58.000Z",
|
||
|
"modified": "2015-08-25T11:06:58.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'e9c2d14bd123fa727ea5691c21374e88e95f877d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:58Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c52-59a8-43d3-9283-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:58.000Z",
|
||
|
"modified": "2015-08-25T11:06:58.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'edc9c1929ff20950b99c42e22f3f448591351ce4']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:58Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c52-89a4-4d53-a30a-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:58.000Z",
|
||
|
"modified": "2015-08-25T11:06:58.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'ee051a2a04c0caf6ff81db0542ca3fa35b05c7b4']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:58Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c52-9c4c-49d0-a867-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:58.000Z",
|
||
|
"modified": "2015-08-25T11:06:58.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'eecbe32d493d3a5eaef2d6720e0d0cdfb8bc175c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:58Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c53-f2a8-4b6f-b770-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:59.000Z",
|
||
|
"modified": "2015-08-25T11:06:59.000Z",
|
||
|
"pattern": "[domain-name:value = 'enherthadugh.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:59Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c53-e96c-4243-9983-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:59.000Z",
|
||
|
"modified": "2015-08-25T11:06:59.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'f13fa4951edddea82255db0de91a0c17f1b947b1']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:59Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c53-c1d8-4ec1-9c57-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:59.000Z",
|
||
|
"modified": "2015-08-25T11:06:59.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'f1fa5d774901995234fdfedb562953c6ed4c9eff']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:59Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c53-3214-421b-9771-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:06:59.000Z",
|
||
|
"modified": "2015-08-25T11:06:59.000Z",
|
||
|
"pattern": "[file:hashes.SHA1 = 'f6d69a32f36e3d2e8a2b69acfd932e04ed3d2002']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:06:59Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c54-f574-4142-8474-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:07:00.000Z",
|
||
|
"modified": "2015-08-25T11:07:00.000Z",
|
||
|
"pattern": "[domain-name:value = 'rofhanrighhen.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:07:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc4c54-9ce4-455b-b4b1-c974950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:07:00.000Z",
|
||
|
"modified": "2015-08-25T11:07:00.000Z",
|
||
|
"pattern": "[domain-name:value = 'tontuldverbab.ru']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:07:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc4c71-9188-4517-97cb-bbd8950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:07:29.000Z",
|
||
|
"modified": "2015-08-25T11:07:29.000Z",
|
||
|
"first_observed": "2015-08-25T11:07:29Z",
|
||
|
"last_observed": "2015-08-25T11:07:29Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc4c71-9188-4517-97cb-bbd8950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc4c71-9188-4517-97cb-bbd8950d210b",
|
||
|
"value": "https://otx.alienvault.com/pulse/55d254ef4637f2170e1bd6df/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5712-486c-4e02-821b-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:50.000Z",
|
||
|
"modified": "2015-08-25T11:52:50.000Z",
|
||
|
"description": "- Xchecked via VT: f6d69a32f36e3d2e8a2b69acfd932e04ed3d2002",
|
||
|
"pattern": "[file:hashes.SHA256 = '91185c6e0e55ab114e7281067a4d13c047d7a45aa83f60c1c840668a18a16c61']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:50Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5712-4dc4-4928-a13c-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:50.000Z",
|
||
|
"modified": "2015-08-25T11:52:50.000Z",
|
||
|
"description": "- Xchecked via VT: f6d69a32f36e3d2e8a2b69acfd932e04ed3d2002",
|
||
|
"pattern": "[file:hashes.MD5 = '076a73d9bc4326dc9d85296a02fea8f4']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:50Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5712-dc50-4e05-b9c1-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:50.000Z",
|
||
|
"modified": "2015-08-25T11:52:50.000Z",
|
||
|
"first_observed": "2015-08-25T11:52:50Z",
|
||
|
"last_observed": "2015-08-25T11:52:50Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5712-dc50-4e05-b9c1-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5712-dc50-4e05-b9c1-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/91185c6e0e55ab114e7281067a4d13c047d7a45aa83f60c1c840668a18a16c61/analysis/1435212361/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5713-5ad0-4f6d-bc48-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:51.000Z",
|
||
|
"modified": "2015-08-25T11:52:51.000Z",
|
||
|
"description": "- Xchecked via VT: f1fa5d774901995234fdfedb562953c6ed4c9eff",
|
||
|
"pattern": "[file:hashes.SHA256 = 'd20e63c7a1f3f4a2ab8a2a5f301fbb6c2075dfbc5eece828273fe38cb3f87788']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:51Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5713-fc64-476a-aa1f-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:51.000Z",
|
||
|
"modified": "2015-08-25T11:52:51.000Z",
|
||
|
"description": "- Xchecked via VT: f1fa5d774901995234fdfedb562953c6ed4c9eff",
|
||
|
"pattern": "[file:hashes.MD5 = 'f4df81bc3151e1e862ed30c597f7638f']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:51Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5713-96fc-49ec-aa38-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:51.000Z",
|
||
|
"modified": "2015-08-25T11:52:51.000Z",
|
||
|
"first_observed": "2015-08-25T11:52:51Z",
|
||
|
"last_observed": "2015-08-25T11:52:51Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5713-96fc-49ec-aa38-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5713-96fc-49ec-aa38-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/d20e63c7a1f3f4a2ab8a2a5f301fbb6c2075dfbc5eece828273fe38cb3f87788/analysis/1439814508/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5713-a878-41c2-b9de-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:51.000Z",
|
||
|
"modified": "2015-08-25T11:52:51.000Z",
|
||
|
"description": "- Xchecked via VT: f13fa4951edddea82255db0de91a0c17f1b947b1",
|
||
|
"pattern": "[file:hashes.SHA256 = '2bad191f52e505c40bf0615a19e3e465a4f49c553a22a6566bdc2e251045a31a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:51Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5713-2dd8-478c-8e81-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:51.000Z",
|
||
|
"modified": "2015-08-25T11:52:51.000Z",
|
||
|
"description": "- Xchecked via VT: f13fa4951edddea82255db0de91a0c17f1b947b1",
|
||
|
"pattern": "[file:hashes.MD5 = 'f43ab4f343867682104361c6bbff12d0']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:51Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5714-6b08-457e-9bc2-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:52.000Z",
|
||
|
"modified": "2015-08-25T11:52:52.000Z",
|
||
|
"first_observed": "2015-08-25T11:52:52Z",
|
||
|
"last_observed": "2015-08-25T11:52:52Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5714-6b08-457e-9bc2-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5714-6b08-457e-9bc2-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/2bad191f52e505c40bf0615a19e3e465a4f49c553a22a6566bdc2e251045a31a/analysis/1438018825/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5714-3aa4-4bdc-a6cb-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:52.000Z",
|
||
|
"modified": "2015-08-25T11:52:52.000Z",
|
||
|
"description": "- Xchecked via VT: eecbe32d493d3a5eaef2d6720e0d0cdfb8bc175c",
|
||
|
"pattern": "[file:hashes.SHA256 = '192b44b56424984bf7df8ef44f00c2735cfacf077ead36a5c1644ba5db00ffec']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:52Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5714-da00-445b-8dd4-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:52.000Z",
|
||
|
"modified": "2015-08-25T11:52:52.000Z",
|
||
|
"description": "- Xchecked via VT: eecbe32d493d3a5eaef2d6720e0d0cdfb8bc175c",
|
||
|
"pattern": "[file:hashes.MD5 = '337c94bef406ab27d398d8cb11087a41']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:52Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5714-8e2c-45be-8e98-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:52.000Z",
|
||
|
"modified": "2015-08-25T11:52:52.000Z",
|
||
|
"first_observed": "2015-08-25T11:52:52Z",
|
||
|
"last_observed": "2015-08-25T11:52:52Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5714-8e2c-45be-8e98-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5714-8e2c-45be-8e98-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/192b44b56424984bf7df8ef44f00c2735cfacf077ead36a5c1644ba5db00ffec/analysis/1435213843/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5715-e920-4c7a-babf-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:53.000Z",
|
||
|
"modified": "2015-08-25T11:52:53.000Z",
|
||
|
"description": "- Xchecked via VT: ee051a2a04c0caf6ff81db0542ca3fa35b05c7b4",
|
||
|
"pattern": "[file:hashes.SHA256 = 'c953e7561f2106e2180a402bb9fc094bb9a667ed308feab2908a0976c373e262']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:53Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5715-63dc-436e-86ba-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:53.000Z",
|
||
|
"modified": "2015-08-25T11:52:53.000Z",
|
||
|
"description": "- Xchecked via VT: ee051a2a04c0caf6ff81db0542ca3fa35b05c7b4",
|
||
|
"pattern": "[file:hashes.MD5 = 'db7883926e202f59dc07864841bcf462']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:53Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5715-10dc-4b56-9bd7-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:53.000Z",
|
||
|
"modified": "2015-08-25T11:52:53.000Z",
|
||
|
"first_observed": "2015-08-25T11:52:53Z",
|
||
|
"last_observed": "2015-08-25T11:52:53Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5715-10dc-4b56-9bd7-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5715-10dc-4b56-9bd7-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/c953e7561f2106e2180a402bb9fc094bb9a667ed308feab2908a0976c373e262/analysis/1440238463/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5715-4b44-430c-b36c-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:53.000Z",
|
||
|
"modified": "2015-08-25T11:52:53.000Z",
|
||
|
"description": "- Xchecked via VT: edc9c1929ff20950b99c42e22f3f448591351ce4",
|
||
|
"pattern": "[file:hashes.SHA256 = 'd89af60d8f4808e53b42b40cc70cbf6296283332c65ee35f8bbff00bf1abbdc6']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:53Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5715-00c4-4935-a1ca-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:53.000Z",
|
||
|
"modified": "2015-08-25T11:52:53.000Z",
|
||
|
"description": "- Xchecked via VT: edc9c1929ff20950b99c42e22f3f448591351ce4",
|
||
|
"pattern": "[file:hashes.MD5 = '68a2237f55871c51ac48fae06eae6709']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:53Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5716-1914-4033-8c65-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:54.000Z",
|
||
|
"modified": "2015-08-25T11:52:54.000Z",
|
||
|
"first_observed": "2015-08-25T11:52:54Z",
|
||
|
"last_observed": "2015-08-25T11:52:54Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5716-1914-4033-8c65-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5716-1914-4033-8c65-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/d89af60d8f4808e53b42b40cc70cbf6296283332c65ee35f8bbff00bf1abbdc6/analysis/1439469426/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5716-0334-4e98-8f76-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:54.000Z",
|
||
|
"modified": "2015-08-25T11:52:54.000Z",
|
||
|
"description": "- Xchecked via VT: e9c2d14bd123fa727ea5691c21374e88e95f877d",
|
||
|
"pattern": "[file:hashes.SHA256 = 'e498f932f6b02b5067a52ee78e574b3722970bf91062b293d3e9973d6bb28e01']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:54Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5716-0a58-4240-a835-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:54.000Z",
|
||
|
"modified": "2015-08-25T11:52:54.000Z",
|
||
|
"description": "- Xchecked via VT: e9c2d14bd123fa727ea5691c21374e88e95f877d",
|
||
|
"pattern": "[file:hashes.MD5 = '3f08f668f3f9bba7a5fec569ae6a8651']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:54Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5716-dca8-4f81-9711-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:54.000Z",
|
||
|
"modified": "2015-08-25T11:52:54.000Z",
|
||
|
"first_observed": "2015-08-25T11:52:54Z",
|
||
|
"last_observed": "2015-08-25T11:52:54Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5716-dca8-4f81-9711-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5716-dca8-4f81-9711-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/e498f932f6b02b5067a52ee78e574b3722970bf91062b293d3e9973d6bb28e01/analysis/1439900719/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5716-e378-4d1a-989c-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:54.000Z",
|
||
|
"modified": "2015-08-25T11:52:54.000Z",
|
||
|
"description": "- Xchecked via VT: e11f512fb681ec2c5333da75dcd64f28bcfa5e3c",
|
||
|
"pattern": "[file:hashes.SHA256 = '0cede6e53dbdf04f5af86203dfc4911115c7eacc774f2c3073c2d6ae7625eaa2']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:54Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5717-890c-41f9-986d-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:55.000Z",
|
||
|
"modified": "2015-08-25T11:52:55.000Z",
|
||
|
"description": "- Xchecked via VT: e11f512fb681ec2c5333da75dcd64f28bcfa5e3c",
|
||
|
"pattern": "[file:hashes.MD5 = '9bdc589eb47aa11992737dc1debabb2a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:55Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5717-dd98-441f-bcbd-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:55.000Z",
|
||
|
"modified": "2015-08-25T11:52:55.000Z",
|
||
|
"first_observed": "2015-08-25T11:52:55Z",
|
||
|
"last_observed": "2015-08-25T11:52:55Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5717-dd98-441f-bcbd-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5717-dd98-441f-bcbd-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/0cede6e53dbdf04f5af86203dfc4911115c7eacc774f2c3073c2d6ae7625eaa2/analysis/1439802709/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5717-f008-4845-ac20-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:55.000Z",
|
||
|
"modified": "2015-08-25T11:52:55.000Z",
|
||
|
"description": "- Xchecked via VT: de5cdbec6ce4a38f9938944aa82fe8d30ae20171",
|
||
|
"pattern": "[file:hashes.SHA256 = '1aac2417be978ba1cd5ad7a306a71ce6f018f103a1f0aa79149e55bb308af5ca']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:55Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5717-fef0-4f9b-8a5c-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:55.000Z",
|
||
|
"modified": "2015-08-25T11:52:55.000Z",
|
||
|
"description": "- Xchecked via VT: de5cdbec6ce4a38f9938944aa82fe8d30ae20171",
|
||
|
"pattern": "[file:hashes.MD5 = '3e5191de0f62fe1ffcc210fb56b2738c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:55Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5718-6464-488b-8fb3-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:56.000Z",
|
||
|
"modified": "2015-08-25T11:52:56.000Z",
|
||
|
"first_observed": "2015-08-25T11:52:56Z",
|
||
|
"last_observed": "2015-08-25T11:52:56Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5718-6464-488b-8fb3-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5718-6464-488b-8fb3-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/1aac2417be978ba1cd5ad7a306a71ce6f018f103a1f0aa79149e55bb308af5ca/analysis/1439900715/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5718-be48-487d-b6d1-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:56.000Z",
|
||
|
"modified": "2015-08-25T11:52:56.000Z",
|
||
|
"description": "- Xchecked via VT: dda088b93f203845bca009a850b89b3a2cdf3538",
|
||
|
"pattern": "[file:hashes.SHA256 = '4256909788058b7c5a4d86bdbfee71d7e3fd11b9ad6d887b75f11cb5dd483f7b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:56Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5718-56b8-44a9-8781-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:56.000Z",
|
||
|
"modified": "2015-08-25T11:52:56.000Z",
|
||
|
"description": "- Xchecked via VT: dda088b93f203845bca009a850b89b3a2cdf3538",
|
||
|
"pattern": "[file:hashes.MD5 = 'c09d8ec08208a16b41e0beaa812a4c6e']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:56Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5718-9f44-440f-820a-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:56.000Z",
|
||
|
"modified": "2015-08-25T11:52:56.000Z",
|
||
|
"first_observed": "2015-08-25T11:52:56Z",
|
||
|
"last_observed": "2015-08-25T11:52:56Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5718-9f44-440f-820a-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5718-9f44-440f-820a-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/4256909788058b7c5a4d86bdbfee71d7e3fd11b9ad6d887b75f11cb5dd483f7b/analysis/1439498407/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5718-4e14-42a1-915c-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:56.000Z",
|
||
|
"modified": "2015-08-25T11:52:56.000Z",
|
||
|
"description": "- Xchecked via VT: dc31cbded9d2afc0a8bcf9eea731712abaf12dfb",
|
||
|
"pattern": "[file:hashes.SHA256 = '799abe16ba0450a7c3cc636b8266f35c7fcbb16b33602a582af3ee67342f7111']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:56Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5719-8f38-475f-b1b7-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:57.000Z",
|
||
|
"modified": "2015-08-25T11:52:57.000Z",
|
||
|
"description": "- Xchecked via VT: dc31cbded9d2afc0a8bcf9eea731712abaf12dfb",
|
||
|
"pattern": "[file:hashes.MD5 = '9b51d81c32ae3b709c08feaea5e10704']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:57Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5719-878c-4560-936a-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:57.000Z",
|
||
|
"modified": "2015-08-25T11:52:57.000Z",
|
||
|
"first_observed": "2015-08-25T11:52:57Z",
|
||
|
"last_observed": "2015-08-25T11:52:57Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5719-878c-4560-936a-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5719-878c-4560-936a-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/799abe16ba0450a7c3cc636b8266f35c7fcbb16b33602a582af3ee67342f7111/analysis/1440324020/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5719-57d4-455a-aa2b-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:57.000Z",
|
||
|
"modified": "2015-08-25T11:52:57.000Z",
|
||
|
"description": "- Xchecked via VT: d9d9ba96bfce361002a7bec53db95390f72c3e0b",
|
||
|
"pattern": "[file:hashes.SHA256 = 'd6f4e37f77d7bf69922793f2db5b0459df8708f3bd3f2edb6f5ecc707fbacaf2']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:57Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5719-88c4-45cd-b4b3-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:57.000Z",
|
||
|
"modified": "2015-08-25T11:52:57.000Z",
|
||
|
"description": "- Xchecked via VT: d9d9ba96bfce361002a7bec53db95390f72c3e0b",
|
||
|
"pattern": "[file:hashes.MD5 = '383dabb25240be1a20dbd2793d60c4f7']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:57Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5719-5814-496b-908d-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:57.000Z",
|
||
|
"modified": "2015-08-25T11:52:57.000Z",
|
||
|
"first_observed": "2015-08-25T11:52:57Z",
|
||
|
"last_observed": "2015-08-25T11:52:57Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5719-5814-496b-908d-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5719-5814-496b-908d-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/d6f4e37f77d7bf69922793f2db5b0459df8708f3bd3f2edb6f5ecc707fbacaf2/analysis/1436726103/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc571a-8414-4e93-aaa4-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:58.000Z",
|
||
|
"modified": "2015-08-25T11:52:58.000Z",
|
||
|
"description": "- Xchecked via VT: d3ab3f733ad076546abb7debc3c79575083ec6d0",
|
||
|
"pattern": "[file:hashes.SHA256 = '81e02ba8c11e31924db819ff5d07bdce60b28e7937414be4a48af2edb5150306']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:58Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc571a-0910-4e39-979e-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:58.000Z",
|
||
|
"modified": "2015-08-25T11:52:58.000Z",
|
||
|
"description": "- Xchecked via VT: d3ab3f733ad076546abb7debc3c79575083ec6d0",
|
||
|
"pattern": "[file:hashes.MD5 = '479164bbed030446d3b08e718789edb7']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:58Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc571a-1e3c-49e7-a402-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:58.000Z",
|
||
|
"modified": "2015-08-25T11:52:58.000Z",
|
||
|
"first_observed": "2015-08-25T11:52:58Z",
|
||
|
"last_observed": "2015-08-25T11:52:58Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc571a-1e3c-49e7-a402-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc571a-1e3c-49e7-a402-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/81e02ba8c11e31924db819ff5d07bdce60b28e7937414be4a48af2edb5150306/analysis/1439900715/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc571a-5a70-4f22-aa88-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:58.000Z",
|
||
|
"modified": "2015-08-25T11:52:58.000Z",
|
||
|
"description": "- Xchecked via VT: c707f688eff865b1f40dcb5dddd130b508d8e589",
|
||
|
"pattern": "[file:hashes.SHA256 = '2577ca0019b1dffb245664f1108303bd44a1d4ea4f3c7f6db6a138b8a3a8c21a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:58Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc571b-0268-4c1e-8b9a-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:59.000Z",
|
||
|
"modified": "2015-08-25T11:52:59.000Z",
|
||
|
"description": "- Xchecked via VT: c707f688eff865b1f40dcb5dddd130b508d8e589",
|
||
|
"pattern": "[file:hashes.MD5 = '5f5abd0c5507bd62dd63400af4be1e8d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:59Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc571b-6ec4-4d3b-a698-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:59.000Z",
|
||
|
"modified": "2015-08-25T11:52:59.000Z",
|
||
|
"first_observed": "2015-08-25T11:52:59Z",
|
||
|
"last_observed": "2015-08-25T11:52:59Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc571b-6ec4-4d3b-a698-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc571b-6ec4-4d3b-a698-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/2577ca0019b1dffb245664f1108303bd44a1d4ea4f3c7f6db6a138b8a3a8c21a/analysis/1437646594/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc571b-3cfc-423d-93ba-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:59.000Z",
|
||
|
"modified": "2015-08-25T11:52:59.000Z",
|
||
|
"description": "- Xchecked via VT: bbece44ad7d76ffc70239cc97f5238de01ce6ccd",
|
||
|
"pattern": "[file:hashes.SHA256 = 'eeab19dfc4f9bce9fc3af8022659739d51bb9eeac6a535d35d883aa977fe43bb']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:59Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc571b-ade0-4681-aa11-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:59.000Z",
|
||
|
"modified": "2015-08-25T11:52:59.000Z",
|
||
|
"description": "- Xchecked via VT: bbece44ad7d76ffc70239cc97f5238de01ce6ccd",
|
||
|
"pattern": "[file:hashes.MD5 = '7c86c775b747b0822c61bde92ad2778b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:52:59Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc571b-dc50-490d-afd4-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:52:59.000Z",
|
||
|
"modified": "2015-08-25T11:52:59.000Z",
|
||
|
"first_observed": "2015-08-25T11:52:59Z",
|
||
|
"last_observed": "2015-08-25T11:52:59Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc571b-dc50-490d-afd4-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc571b-dc50-490d-afd4-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/eeab19dfc4f9bce9fc3af8022659739d51bb9eeac6a535d35d883aa977fe43bb/analysis/1436420992/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc571c-9be0-4d77-91c7-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:00.000Z",
|
||
|
"modified": "2015-08-25T11:53:00.000Z",
|
||
|
"description": "- Xchecked via VT: baea5192f69d7942722138445ed74c5a9909d255",
|
||
|
"pattern": "[file:hashes.SHA256 = '9263b30a0fce35b4586be316d5f2f91dd96638402bc683b458ae47d5276d2a21']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc571c-6e98-440f-8910-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:00.000Z",
|
||
|
"modified": "2015-08-25T11:53:00.000Z",
|
||
|
"description": "- Xchecked via VT: baea5192f69d7942722138445ed74c5a9909d255",
|
||
|
"pattern": "[file:hashes.MD5 = 'c1908d434318e66ca14bb123f47f9595']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc571c-7644-43d2-8a93-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:00.000Z",
|
||
|
"modified": "2015-08-25T11:53:00.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:00Z",
|
||
|
"last_observed": "2015-08-25T11:53:00Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc571c-7644-43d2-8a93-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc571c-7644-43d2-8a93-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/9263b30a0fce35b4586be316d5f2f91dd96638402bc683b458ae47d5276d2a21/analysis/1440150583/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc571c-70e0-4881-8621-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:00.000Z",
|
||
|
"modified": "2015-08-25T11:53:00.000Z",
|
||
|
"description": "- Xchecked via VT: b4a3ad2992af82d739d4eb110fab6966479ffd62",
|
||
|
"pattern": "[file:hashes.SHA256 = '40450ddd0c9c0afbf067464f1e69e5cbaad0c7d59a32c47fb1bc77fd31a7249d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc571c-4628-4d5e-a80e-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:00.000Z",
|
||
|
"modified": "2015-08-25T11:53:00.000Z",
|
||
|
"description": "- Xchecked via VT: b4a3ad2992af82d739d4eb110fab6966479ffd62",
|
||
|
"pattern": "[file:hashes.MD5 = '7b9f0ec04d9ea12ac8f08ab04189553e']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc571d-02d4-4af5-8d5d-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:01.000Z",
|
||
|
"modified": "2015-08-25T11:53:01.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:01Z",
|
||
|
"last_observed": "2015-08-25T11:53:01Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc571d-02d4-4af5-8d5d-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc571d-02d4-4af5-8d5d-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/40450ddd0c9c0afbf067464f1e69e5cbaad0c7d59a32c47fb1bc77fd31a7249d/analysis/1440451147/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc571d-e548-4496-8178-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:01.000Z",
|
||
|
"modified": "2015-08-25T11:53:01.000Z",
|
||
|
"description": "- Xchecked via VT: b31423f986f562ae2070b5d103435a2bd0783762",
|
||
|
"pattern": "[file:hashes.SHA256 = 'e6d937bc005052781da6c32816b427d86429766901f20c98ca6f0010fd71777c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc571d-5930-41d2-9772-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:01.000Z",
|
||
|
"modified": "2015-08-25T11:53:01.000Z",
|
||
|
"description": "- Xchecked via VT: b31423f986f562ae2070b5d103435a2bd0783762",
|
||
|
"pattern": "[file:hashes.MD5 = '16767c9c918831d61daa28fa325b933e']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc571d-da7c-4484-844f-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:01.000Z",
|
||
|
"modified": "2015-08-25T11:53:01.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:01Z",
|
||
|
"last_observed": "2015-08-25T11:53:01Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc571d-da7c-4484-844f-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc571d-da7c-4484-844f-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/e6d937bc005052781da6c32816b427d86429766901f20c98ca6f0010fd71777c/analysis/1439399106/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc571e-5170-4f78-b475-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:02.000Z",
|
||
|
"modified": "2015-08-25T11:53:02.000Z",
|
||
|
"description": "- Xchecked via VT: b2abfaa9d14435a5b079b847a039b57b4036836c",
|
||
|
"pattern": "[file:hashes.SHA256 = 'f68398589b80dabc714fe67a78cd10e5dd7e396d8fbbd9e806ee81315b302428']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc571e-9a20-483c-b155-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:02.000Z",
|
||
|
"modified": "2015-08-25T11:53:02.000Z",
|
||
|
"description": "- Xchecked via VT: b2abfaa9d14435a5b079b847a039b57b4036836c",
|
||
|
"pattern": "[file:hashes.MD5 = '2286b884c3782b342097c31e88084da9']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc571e-329c-496b-bf49-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:02.000Z",
|
||
|
"modified": "2015-08-25T11:53:02.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:02Z",
|
||
|
"last_observed": "2015-08-25T11:53:02Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc571e-329c-496b-bf49-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc571e-329c-496b-bf49-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/f68398589b80dabc714fe67a78cd10e5dd7e396d8fbbd9e806ee81315b302428/analysis/1435812751/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc571e-2cd0-4f69-a7eb-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:02.000Z",
|
||
|
"modified": "2015-08-25T11:53:02.000Z",
|
||
|
"description": "- Xchecked via VT: a7c016bee0766f57f6a977f248c45cf06de5ab00",
|
||
|
"pattern": "[file:hashes.SHA256 = '0da4a1fad6f8f239bbb2a9424cc990cd0f157bb2c46eb45300db4b7d37c82b34']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc571e-46c4-4afd-bc65-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:02.000Z",
|
||
|
"modified": "2015-08-25T11:53:02.000Z",
|
||
|
"description": "- Xchecked via VT: a7c016bee0766f57f6a977f248c45cf06de5ab00",
|
||
|
"pattern": "[file:hashes.MD5 = '2972c1706b8b37d717b51d38cb4bd9d3']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc571f-ad10-408c-a6ef-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:03.000Z",
|
||
|
"modified": "2015-08-25T11:53:03.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:03Z",
|
||
|
"last_observed": "2015-08-25T11:53:03Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc571f-ad10-408c-a6ef-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc571f-ad10-408c-a6ef-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/0da4a1fad6f8f239bbb2a9424cc990cd0f157bb2c46eb45300db4b7d37c82b34/analysis/1435817094/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc571f-98bc-4cd2-b74a-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:03.000Z",
|
||
|
"modified": "2015-08-25T11:53:03.000Z",
|
||
|
"description": "- Xchecked via VT: 93327b8105ea5f67a5a5bcb3ffe9b8cbe75185d0",
|
||
|
"pattern": "[file:hashes.SHA256 = 'facc9a5f02e8d18c9cbac9ee760ffa38b2854e5d5c89a529e368be8857bc55a9']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:03Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc571f-f8cc-4c12-85db-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:03.000Z",
|
||
|
"modified": "2015-08-25T11:53:03.000Z",
|
||
|
"description": "- Xchecked via VT: 93327b8105ea5f67a5a5bcb3ffe9b8cbe75185d0",
|
||
|
"pattern": "[file:hashes.MD5 = '8b59a1229aa72bebb46f2503a4607461']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:03Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc571f-e998-40ff-8215-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:03.000Z",
|
||
|
"modified": "2015-08-25T11:53:03.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:03Z",
|
||
|
"last_observed": "2015-08-25T11:53:03Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc571f-e998-40ff-8215-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc571f-e998-40ff-8215-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/facc9a5f02e8d18c9cbac9ee760ffa38b2854e5d5c89a529e368be8857bc55a9/analysis/1437559537/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc571f-0874-4b50-b2e1-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:03.000Z",
|
||
|
"modified": "2015-08-25T11:53:03.000Z",
|
||
|
"description": "- Xchecked via VT: 92d4c9117fb2fe48333e71822e433807fb5198c4",
|
||
|
"pattern": "[file:hashes.SHA256 = 'b9cd2fcfe6550c3a6b64466ce786b9f28ca9efbd0945547d269222d8811f3d0a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:03Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5720-8138-48a4-969e-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:04.000Z",
|
||
|
"modified": "2015-08-25T11:53:04.000Z",
|
||
|
"description": "- Xchecked via VT: 92d4c9117fb2fe48333e71822e433807fb5198c4",
|
||
|
"pattern": "[file:hashes.MD5 = '20d7facbd11a8805a562d5d588817fc4']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:04Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5720-59e0-40c3-9547-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:04.000Z",
|
||
|
"modified": "2015-08-25T11:53:04.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:04Z",
|
||
|
"last_observed": "2015-08-25T11:53:04Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5720-59e0-40c3-9547-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5720-59e0-40c3-9547-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/b9cd2fcfe6550c3a6b64466ce786b9f28ca9efbd0945547d269222d8811f3d0a/analysis/1439559619/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5720-54dc-48a8-a0b1-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:04.000Z",
|
||
|
"modified": "2015-08-25T11:53:04.000Z",
|
||
|
"description": "- Xchecked via VT: 8b6619e4d4ef2297a18e8dd3aad9dda93883d574",
|
||
|
"pattern": "[file:hashes.SHA256 = '28cc1c484e61cf9486725ad5b7f8bfd13fadb5e16d08e2430cfac37a1deec57a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:04Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5720-bfe4-49c9-89ea-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:04.000Z",
|
||
|
"modified": "2015-08-25T11:53:04.000Z",
|
||
|
"description": "- Xchecked via VT: 8b6619e4d4ef2297a18e8dd3aad9dda93883d574",
|
||
|
"pattern": "[file:hashes.MD5 = 'c295963453a26ed1a3604f4082ecc90a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:04Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5720-35dc-4793-b608-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:04.000Z",
|
||
|
"modified": "2015-08-25T11:53:04.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:04Z",
|
||
|
"last_observed": "2015-08-25T11:53:04Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5720-35dc-4793-b608-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5720-35dc-4793-b608-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/28cc1c484e61cf9486725ad5b7f8bfd13fadb5e16d08e2430cfac37a1deec57a/analysis/1437427427/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5721-5b38-415b-bf95-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:05.000Z",
|
||
|
"modified": "2015-08-25T11:53:05.000Z",
|
||
|
"description": "- Xchecked via VT: 8ab7df1193c9a3f6ad33426b634c581939dc9281",
|
||
|
"pattern": "[file:hashes.SHA256 = '5fb9e66744b72d928db335ef97f649ab84dfcc304ca49cd9e2311de9328a8406']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5721-7790-4a7c-b35f-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:05.000Z",
|
||
|
"modified": "2015-08-25T11:53:05.000Z",
|
||
|
"description": "- Xchecked via VT: 8ab7df1193c9a3f6ad33426b634c581939dc9281",
|
||
|
"pattern": "[file:hashes.MD5 = 'f0bd2d03ca3f61b1f407c7bc7db439b3']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5721-b5d8-4d95-b3bf-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:05.000Z",
|
||
|
"modified": "2015-08-25T11:53:05.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:05Z",
|
||
|
"last_observed": "2015-08-25T11:53:05Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5721-b5d8-4d95-b3bf-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5721-b5d8-4d95-b3bf-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/5fb9e66744b72d928db335ef97f649ab84dfcc304ca49cd9e2311de9328a8406/analysis/1440429193/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5721-2978-497b-b2d7-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:05.000Z",
|
||
|
"modified": "2015-08-25T11:53:05.000Z",
|
||
|
"description": "- Xchecked via VT: 8422d870ebcafeb6c51142f1a95cc5b8f64b43ba",
|
||
|
"pattern": "[file:hashes.SHA256 = 'c6fdd7d62549c47b17beab67e5243c8aae47c10fd1eec38f652348aae15f0688']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5722-679c-40d1-81cd-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:06.000Z",
|
||
|
"modified": "2015-08-25T11:53:06.000Z",
|
||
|
"description": "- Xchecked via VT: 8422d870ebcafeb6c51142f1a95cc5b8f64b43ba",
|
||
|
"pattern": "[file:hashes.MD5 = '243dfd99146fac38d1e22e90e8fafb05']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:06Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5722-04dc-4b02-8360-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:06.000Z",
|
||
|
"modified": "2015-08-25T11:53:06.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:06Z",
|
||
|
"last_observed": "2015-08-25T11:53:06Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5722-04dc-4b02-8360-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5722-04dc-4b02-8360-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/c6fdd7d62549c47b17beab67e5243c8aae47c10fd1eec38f652348aae15f0688/analysis/1435812790/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5722-9be4-4ab7-a435-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:06.000Z",
|
||
|
"modified": "2015-08-25T11:53:06.000Z",
|
||
|
"description": "- Xchecked via VT: 83f1b17fb18fc0ad14ce1bbf2a5d165404edef93",
|
||
|
"pattern": "[file:hashes.SHA256 = 'bed8a7fc2b724593d8695be76607ea7129725c57c3fd21be2629c3f7df4381a7']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:06Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5722-25ec-4b4e-b3a9-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:06.000Z",
|
||
|
"modified": "2015-08-25T11:53:06.000Z",
|
||
|
"description": "- Xchecked via VT: 83f1b17fb18fc0ad14ce1bbf2a5d165404edef93",
|
||
|
"pattern": "[file:hashes.MD5 = '7dc9770adead1c42b1e85c8341dbe1fb']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:06Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5722-6340-418c-98e8-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:06.000Z",
|
||
|
"modified": "2015-08-25T11:53:06.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:06Z",
|
||
|
"last_observed": "2015-08-25T11:53:06Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5722-6340-418c-98e8-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5722-6340-418c-98e8-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/bed8a7fc2b724593d8695be76607ea7129725c57c3fd21be2629c3f7df4381a7/analysis/1435216385/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5723-e984-4284-9adf-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:07.000Z",
|
||
|
"modified": "2015-08-25T11:53:07.000Z",
|
||
|
"description": "- Xchecked via VT: 653cccc1daa752da24a9afbdad0449baae07bf1c",
|
||
|
"pattern": "[file:hashes.SHA256 = 'd91f608cd30d22fca65a1ff90805f46faa65ffa8335dd54cbe54ed08e0574e83']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:07Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5723-939c-4348-953c-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:07.000Z",
|
||
|
"modified": "2015-08-25T11:53:07.000Z",
|
||
|
"description": "- Xchecked via VT: 653cccc1daa752da24a9afbdad0449baae07bf1c",
|
||
|
"pattern": "[file:hashes.MD5 = 'fdf2b4a03d829f0a4609b3e569319c82']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:07Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5723-4f10-455c-977d-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:07.000Z",
|
||
|
"modified": "2015-08-25T11:53:07.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:07Z",
|
||
|
"last_observed": "2015-08-25T11:53:07Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5723-4f10-455c-977d-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5723-4f10-455c-977d-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/d91f608cd30d22fca65a1ff90805f46faa65ffa8335dd54cbe54ed08e0574e83/analysis/1437654497/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5723-52b0-47ca-ac5f-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:07.000Z",
|
||
|
"modified": "2015-08-25T11:53:07.000Z",
|
||
|
"description": "- Xchecked via VT: 61481016dace6765a485f32fd52760b2fb9b95ec",
|
||
|
"pattern": "[file:hashes.SHA256 = 'fec402d83ee5d29707c749b9c2b74fe438e39f53f3ca464180335448e0fcb9ce']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:07Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5723-d318-48b0-b0ea-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:07.000Z",
|
||
|
"modified": "2015-08-25T11:53:07.000Z",
|
||
|
"description": "- Xchecked via VT: 61481016dace6765a485f32fd52760b2fb9b95ec",
|
||
|
"pattern": "[file:hashes.MD5 = '8c62d43ee165859603c532beecdbadde']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:07Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5724-289c-45a7-8f54-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:08.000Z",
|
||
|
"modified": "2015-08-25T11:53:08.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:08Z",
|
||
|
"last_observed": "2015-08-25T11:53:08Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5724-289c-45a7-8f54-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5724-289c-45a7-8f54-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/fec402d83ee5d29707c749b9c2b74fe438e39f53f3ca464180335448e0fcb9ce/analysis/1440429678/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5724-b270-43ec-b4b0-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:08.000Z",
|
||
|
"modified": "2015-08-25T11:53:08.000Z",
|
||
|
"description": "- Xchecked via VT: 5b85b8cd91539f19f0d0cb2fc692722bc944f32a",
|
||
|
"pattern": "[file:hashes.SHA256 = 'c50b9668a253fcae81a51490b0c5ecee4d33ce044b61256053a9704cd43f74d0']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:08Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5724-354c-4f86-aa57-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:08.000Z",
|
||
|
"modified": "2015-08-25T11:53:08.000Z",
|
||
|
"description": "- Xchecked via VT: 5b85b8cd91539f19f0d0cb2fc692722bc944f32a",
|
||
|
"pattern": "[file:hashes.MD5 = '570cd1165867ed5959505ddef7181c70']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:08Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5724-55c0-4917-9d19-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:08.000Z",
|
||
|
"modified": "2015-08-25T11:53:08.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:08Z",
|
||
|
"last_observed": "2015-08-25T11:53:08Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5724-55c0-4917-9d19-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5724-55c0-4917-9d19-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/c50b9668a253fcae81a51490b0c5ecee4d33ce044b61256053a9704cd43f74d0/analysis/1440489400/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5725-e55c-42b9-b049-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:09.000Z",
|
||
|
"modified": "2015-08-25T11:53:09.000Z",
|
||
|
"description": "- Xchecked via VT: 496f84635f216e93d9661a403e43ff1903a2a2e8",
|
||
|
"pattern": "[file:hashes.SHA256 = '0e71bb693affd72709f2dc29c3a34e1cb22b7513b1b4c941a0fc4af4fa52f643']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:09Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5725-eebc-43e9-904f-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:09.000Z",
|
||
|
"modified": "2015-08-25T11:53:09.000Z",
|
||
|
"description": "- Xchecked via VT: 496f84635f216e93d9661a403e43ff1903a2a2e8",
|
||
|
"pattern": "[file:hashes.MD5 = 'e7666efc0761575ccdb5880a1b7465b6']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:09Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5725-a614-414f-b5dd-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:09.000Z",
|
||
|
"modified": "2015-08-25T11:53:09.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:09Z",
|
||
|
"last_observed": "2015-08-25T11:53:09Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5725-a614-414f-b5dd-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5725-a614-414f-b5dd-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/0e71bb693affd72709f2dc29c3a34e1cb22b7513b1b4c941a0fc4af4fa52f643/analysis/1439630963/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5725-1a7c-40a6-98a4-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:09.000Z",
|
||
|
"modified": "2015-08-25T11:53:09.000Z",
|
||
|
"description": "- Xchecked via VT: 48593abe9a8543c9183e375fc185fd97c28f3549",
|
||
|
"pattern": "[file:hashes.SHA256 = 'a61d316b92a96570fa552c225840ba3aaa64e462b566cfbd1c1316449e40f6a0']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:09Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5725-3d90-4b3c-b0cd-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:09.000Z",
|
||
|
"modified": "2015-08-25T11:53:09.000Z",
|
||
|
"description": "- Xchecked via VT: 48593abe9a8543c9183e375fc185fd97c28f3549",
|
||
|
"pattern": "[file:hashes.MD5 = 'ee2c37e042c83a838c44e167c3a17b34']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:09Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5726-bd90-4d38-8566-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:10.000Z",
|
||
|
"modified": "2015-08-25T11:53:10.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:10Z",
|
||
|
"last_observed": "2015-08-25T11:53:10Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5726-bd90-4d38-8566-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5726-bd90-4d38-8566-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/a61d316b92a96570fa552c225840ba3aaa64e462b566cfbd1c1316449e40f6a0/analysis/1436510106/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5726-6ce4-4dd9-abea-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:10.000Z",
|
||
|
"modified": "2015-08-25T11:53:10.000Z",
|
||
|
"description": "- Xchecked via VT: 462fe924876597a9396999dd24773e8ed9746997",
|
||
|
"pattern": "[file:hashes.SHA256 = 'bd681b5180050347e05c83603b6856f188734003965ccc4e8ae7a08e446c9d22']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:10Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5726-1464-4a09-b80a-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:10.000Z",
|
||
|
"modified": "2015-08-25T11:53:10.000Z",
|
||
|
"description": "- Xchecked via VT: 462fe924876597a9396999dd24773e8ed9746997",
|
||
|
"pattern": "[file:hashes.MD5 = 'd70a4a7aea97a215055b4688ee5babab']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:10Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5726-fca8-4b08-a4cb-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:10.000Z",
|
||
|
"modified": "2015-08-25T11:53:10.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:10Z",
|
||
|
"last_observed": "2015-08-25T11:53:10Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5726-fca8-4b08-a4cb-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5726-fca8-4b08-a4cb-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/bd681b5180050347e05c83603b6856f188734003965ccc4e8ae7a08e446c9d22/analysis/1438087964/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5726-3cf0-4ff7-9b54-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:10.000Z",
|
||
|
"modified": "2015-08-25T11:53:10.000Z",
|
||
|
"description": "- Xchecked via VT: 4398c2b731f4939414bba70aac5260ff1d1ae865",
|
||
|
"pattern": "[file:hashes.SHA256 = '2aeb22de92fa72c47ea11937396fd95dfa1ecd6a488bb147c9f37ac27d95ade7']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:10Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5727-7328-494a-8dfe-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:11.000Z",
|
||
|
"modified": "2015-08-25T11:53:11.000Z",
|
||
|
"description": "- Xchecked via VT: 4398c2b731f4939414bba70aac5260ff1d1ae865",
|
||
|
"pattern": "[file:hashes.MD5 = '1feb08ffd937d3422df09aee75f8bfff']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:11Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5727-12e8-4ecb-84e7-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:11.000Z",
|
||
|
"modified": "2015-08-25T11:53:11.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:11Z",
|
||
|
"last_observed": "2015-08-25T11:53:11Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5727-12e8-4ecb-84e7-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5727-12e8-4ecb-84e7-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/2aeb22de92fa72c47ea11937396fd95dfa1ecd6a488bb147c9f37ac27d95ade7/analysis/1436749555/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5727-9604-4b2e-a33c-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:11.000Z",
|
||
|
"modified": "2015-08-25T11:53:11.000Z",
|
||
|
"description": "- Xchecked via VT: 4011a69c7dcc5d1f903f2f777fb3e35de748c8a3",
|
||
|
"pattern": "[file:hashes.SHA256 = '56206ea9de0381486bcda6c1fe4d29d0f1da48113cfa3fd7f54a531f45dafb2b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:11Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5727-0628-4ec7-8818-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:11.000Z",
|
||
|
"modified": "2015-08-25T11:53:11.000Z",
|
||
|
"description": "- Xchecked via VT: 4011a69c7dcc5d1f903f2f777fb3e35de748c8a3",
|
||
|
"pattern": "[file:hashes.MD5 = '20b469f31855d481e8d2915a847c42e5']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:11Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5728-cce0-4493-98d9-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:12.000Z",
|
||
|
"modified": "2015-08-25T11:53:12.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:12Z",
|
||
|
"last_observed": "2015-08-25T11:53:12Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5728-cce0-4493-98d9-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5728-cce0-4493-98d9-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/56206ea9de0381486bcda6c1fe4d29d0f1da48113cfa3fd7f54a531f45dafb2b/analysis/1438850875/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5728-ac34-47d7-b7e3-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:12.000Z",
|
||
|
"modified": "2015-08-25T11:53:12.000Z",
|
||
|
"description": "- Xchecked via VT: 3f548e9f4f8b1c1ee9341055a75345e1d2b4358a",
|
||
|
"pattern": "[file:hashes.SHA256 = 'a4398453c7ba07b88ad96cfedaba3c1910f965e5f139d2788afe820c14d44b39']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:12Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5728-ee14-4768-b58c-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:12.000Z",
|
||
|
"modified": "2015-08-25T11:53:12.000Z",
|
||
|
"description": "- Xchecked via VT: 3f548e9f4f8b1c1ee9341055a75345e1d2b4358a",
|
||
|
"pattern": "[file:hashes.MD5 = '592ec4221dcc29434303d8336f49c29b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:12Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5728-802c-4545-b115-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:12.000Z",
|
||
|
"modified": "2015-08-25T11:53:12.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:12Z",
|
||
|
"last_observed": "2015-08-25T11:53:12Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5728-802c-4545-b115-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5728-802c-4545-b115-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/a4398453c7ba07b88ad96cfedaba3c1910f965e5f139d2788afe820c14d44b39/analysis/1436696530/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5728-97cc-40bd-88ce-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:12.000Z",
|
||
|
"modified": "2015-08-25T11:53:12.000Z",
|
||
|
"description": "- Xchecked via VT: 2ca92663a66a5b2047a921f746be56674fa05631",
|
||
|
"pattern": "[file:hashes.SHA256 = '8290bbddc108323037e273ba80b0fd0db97473e1db44f96c911ca7166db1f0f7']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:12Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5729-6a0c-4e90-a176-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:13.000Z",
|
||
|
"modified": "2015-08-25T11:53:13.000Z",
|
||
|
"description": "- Xchecked via VT: 2ca92663a66a5b2047a921f746be56674fa05631",
|
||
|
"pattern": "[file:hashes.MD5 = '507ec9380858996e536a608c072c8584']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:13Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5729-2ae8-4305-a41b-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:13.000Z",
|
||
|
"modified": "2015-08-25T11:53:13.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:13Z",
|
||
|
"last_observed": "2015-08-25T11:53:13Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5729-2ae8-4305-a41b-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5729-2ae8-4305-a41b-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/8290bbddc108323037e273ba80b0fd0db97473e1db44f96c911ca7166db1f0f7/analysis/1440238100/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc5729-2b28-410d-a606-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:13.000Z",
|
||
|
"modified": "2015-08-25T11:53:13.000Z",
|
||
|
"description": "- Xchecked via VT: 2a1a0eb2b6071c56f25c4304c555da350d67c99a",
|
||
|
"pattern": "[file:hashes.SHA256 = 'a55e5f1cdcdd5203da5e18148c85d7249396c899bba47584fd65c31be1f52a6f']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:13Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc5729-ea60-4523-80b5-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:13.000Z",
|
||
|
"modified": "2015-08-25T11:53:13.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:13Z",
|
||
|
"last_observed": "2015-08-25T11:53:13Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc5729-ea60-4523-80b5-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc5729-ea60-4523-80b5-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/a55e5f1cdcdd5203da5e18148c85d7249396c899bba47584fd65c31be1f52a6f/analysis/1436693910/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc572a-e358-4c90-9ae3-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:14.000Z",
|
||
|
"modified": "2015-08-25T11:53:14.000Z",
|
||
|
"description": "- Xchecked via VT: 1f5be0bd8fa955cfd11be6fb35210bb398eed193",
|
||
|
"pattern": "[file:hashes.SHA256 = 'e81aaf2c6fde03ee86a269cfea4e3956ad859bd24892fc264b1223ee7f3b6140']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:14Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc572a-bbe4-477c-8bfc-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:14.000Z",
|
||
|
"modified": "2015-08-25T11:53:14.000Z",
|
||
|
"description": "- Xchecked via VT: 1f5be0bd8fa955cfd11be6fb35210bb398eed193",
|
||
|
"pattern": "[file:hashes.MD5 = 'a6b760343bc8cae5bff9ecb2b60441a4']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:14Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc572a-c374-4dfc-a3b2-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:14.000Z",
|
||
|
"modified": "2015-08-25T11:53:14.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:14Z",
|
||
|
"last_observed": "2015-08-25T11:53:14Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc572a-c374-4dfc-a3b2-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc572a-c374-4dfc-a3b2-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/e81aaf2c6fde03ee86a269cfea4e3956ad859bd24892fc264b1223ee7f3b6140/analysis/1437399387/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc572a-bf3c-46c0-b73c-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:14.000Z",
|
||
|
"modified": "2015-08-25T11:53:14.000Z",
|
||
|
"description": "- Xchecked via VT: 12cb416b69ffc56c12aad92f95040603261dc217",
|
||
|
"pattern": "[file:hashes.SHA256 = '7faa4c2cdf029707289637077a48710cecd7624cdc7366b154e3881c3c5c5608']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:14Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc572b-5070-49bb-a474-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:15.000Z",
|
||
|
"modified": "2015-08-25T11:53:15.000Z",
|
||
|
"description": "- Xchecked via VT: 12cb416b69ffc56c12aad92f95040603261dc217",
|
||
|
"pattern": "[file:hashes.MD5 = '1d2686ff1c20644963b17ff43645270e']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:15Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc572b-4770-4a42-9471-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:15.000Z",
|
||
|
"modified": "2015-08-25T11:53:15.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:15Z",
|
||
|
"last_observed": "2015-08-25T11:53:15Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc572b-4770-4a42-9471-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc572b-4770-4a42-9471-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/7faa4c2cdf029707289637077a48710cecd7624cdc7366b154e3881c3c5c5608/analysis/1435812616/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc572b-6cac-4db0-8f14-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:15.000Z",
|
||
|
"modified": "2015-08-25T11:53:15.000Z",
|
||
|
"description": "- Xchecked via VT: 071b754bffa96101bf8c563ad7efd4df3f221b2e",
|
||
|
"pattern": "[file:hashes.SHA256 = 'e9354a199825bed552754b84745a8208d7f5de44344ca2ac7856914f02e81a6d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:15Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55dc572b-5d60-4035-8ae1-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:15.000Z",
|
||
|
"modified": "2015-08-25T11:53:15.000Z",
|
||
|
"description": "- Xchecked via VT: 071b754bffa96101bf8c563ad7efd4df3f221b2e",
|
||
|
"pattern": "[file:hashes.MD5 = 'bb37735d1162ad7430d1f194ed8adc5a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-08-25T11:53:15Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--55dc572b-d61c-4522-b5a1-d963950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-08-25T11:53:15.000Z",
|
||
|
"modified": "2015-08-25T11:53:15.000Z",
|
||
|
"first_observed": "2015-08-25T11:53:15Z",
|
||
|
"last_observed": "2015-08-25T11:53:15Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--55dc572b-d61c-4522-b5a1-d963950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--55dc572b-d61c-4522-b5a1-d963950d210b",
|
||
|
"value": "https://www.virustotal.com/file/e9354a199825bed552754b84745a8208d7f5de44344ca2ac7856914f02e81a6d/analysis/1437389000/"
|
||
|
},
|
||
|
{
|
||
|
"type": "marking-definition",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
||
|
"created": "2017-01-20T00:00:00.000Z",
|
||
|
"definition_type": "tlp",
|
||
|
"name": "TLP:WHITE",
|
||
|
"definition": {
|
||
|
"tlp": "white"
|
||
|
}
|
||
|
}
|
||
|
]
|
||
|
}
|