adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/5832c7f9-9148-4e20-8122-4f19950d210f.json

1360 lines
55 KiB
JSON
Raw Normal View History

chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--5832c7f9-9148-4e20-8122-4f19950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:17.000Z",
"modified": "2016-11-21T10:22:17.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5832c7f9-9148-4e20-8122-4f19950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:17.000Z",
"modified": "2016-11-21T10:22:17.000Z",
"name": "OSINT - Nemucod downloader spreading via Facebook",
"published": "2016-11-21T10:35:22Z",
"object_refs": [
"observed-data--5832c804-e910-4061-97aa-4126950d210f",
"url--5832c804-e910-4061-97aa-4126950d210f",
"x-misp-attribute--5832c840-6754-4153-b4bc-4cb3950d210f",
"indicator--5832cabe-9f88-4e97-a285-4986950d210f",
"indicator--5832cabf-c618-4415-9c56-498f950d210f",
"indicator--5832cabf-7840-4178-8d39-492d950d210f",
"indicator--5832cac0-bea0-4519-8d2a-40a2950d210f",
"indicator--5832cac0-0b78-407c-b6a6-41eb950d210f",
"indicator--5832cac1-5d20-40c1-a771-4f97950d210f",
"indicator--5832cac1-d390-49bf-a5c8-4c2c950d210f",
"indicator--5832cac2-aae8-451f-8f2e-4693950d210f",
"indicator--5832cac2-6f1c-46d6-bebf-4365950d210f",
"indicator--5832cac3-5ca4-4ba3-a2d5-4dbb950d210f",
"indicator--5832cac3-1a7c-488d-b184-4c5e950d210f",
"indicator--5832cac4-94c0-4390-a50b-4139950d210f",
"indicator--5832cac4-a928-4812-894e-4f26950d210f",
"indicator--5832cac5-f7c8-4bb7-93de-4296950d210f",
"indicator--5832cac5-e970-4318-8ac9-416c950d210f",
"indicator--5832cac6-9120-4294-ac3a-46ec950d210f",
"indicator--5832cac6-fa74-457b-8266-43a2950d210f",
"indicator--5832cac7-8d40-417b-aa5a-47bc950d210f",
"indicator--5832cac7-02c0-4ab0-871a-41f8950d210f",
"indicator--5832cac7-60fc-45c7-bd89-4d7a950d210f",
"indicator--5832cac8-b250-4597-9a0d-481b950d210f",
"indicator--5832cac8-0954-43e2-89db-43e5950d210f",
"indicator--5832cac9-2f2c-4889-a2c9-4ba3950d210f",
"indicator--5832cac9-1964-4b1f-8481-4984950d210f",
"indicator--5832caca-e5bc-493c-9ed9-4e5b950d210f",
"indicator--5832caca-7654-4a9c-82c0-4c07950d210f",
"indicator--5832cacb-89e8-4f53-b8ea-4ebf950d210f",
"indicator--5832cacb-7bf0-4828-8462-4526950d210f",
"indicator--5832cacc-4408-4f47-af07-4658950d210f",
"indicator--5832cacc-eb00-4c0d-ae59-4602950d210f",
"indicator--5832cacd-3314-4277-8174-4c1d950d210f",
"indicator--5832cacd-9428-4a3e-a873-4a64950d210f",
"indicator--5832cace-8428-4e81-90e9-4a6c950d210f",
"indicator--5832cace-1ecc-45ea-9859-4635950d210f",
"indicator--5832cacf-02fc-41b8-93a1-4c2f950d210f",
"indicator--5832cacf-a334-4452-9ce3-4d8e950d210f",
"indicator--5832cad0-86f0-403f-83fd-4ec4950d210f",
"indicator--5832cad0-387c-4b76-94f2-4a59950d210f",
"indicator--5832cad1-61f4-4688-af5f-4ca5950d210f",
"indicator--5832cad1-a7b4-49ea-aabf-44d2950d210f",
"indicator--5832cad2-7bc0-4460-a291-4ab9950d210f",
"indicator--5832cad2-5b28-482e-9b28-4228950d210f",
"indicator--5832cad2-2c30-41bc-b642-447c950d210f",
"indicator--5832cad3-40b4-499d-b975-4816950d210f",
"indicator--5832cad3-9758-40c4-9c00-466b950d210f",
"indicator--5832cad4-3c50-4fb1-a33c-4200950d210f",
"indicator--5832cad5-e948-4f35-bf11-449d950d210f",
"indicator--5832cad5-67d4-48b7-92a6-436a950d210f",
"indicator--5832cad6-a7ec-4a4b-afb3-43f3950d210f",
"indicator--5832cad6-7f14-4cc1-ba46-4a7e950d210f",
"indicator--5832cad7-de70-48bd-b8d3-4597950d210f",
"indicator--5832cad8-013c-40ce-b765-488b950d210f",
"indicator--5832cad8-aa84-4eb5-9901-4429950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"osint:source-type=\"blog-post\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5832c804-e910-4061-97aa-4126950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:10:12.000Z",
"modified": "2016-11-21T10:10:12.000Z",
"first_observed": "2016-11-21T10:10:12Z",
"last_observed": "2016-11-21T10:10:12Z",
"number_observed": 1,
"object_refs": [
"url--5832c804-e910-4061-97aa-4126950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5832c804-e910-4061-97aa-4126950d210f",
"value": "https://bartblaze.blogspot.lu/2016/11/nemucod-downloader-spreading-via.html"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5832c840-6754-4153-b4bc-4cb3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:11:12.000Z",
"modified": "2016-11-21T10:11:12.000Z",
"labels": [
"misp:type=\"comment\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "comment",
"x_misp_value": "Earlier today, a friend of mine notified me of something strange going on with his Facebook account; a message containing only an image (an .svg file in reality) had been sent automatically, effectively bypassing Facebook's file extension filter:"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cabe-9f88-4e97-a285-4986950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:50.000Z",
"modified": "2016-11-21T10:21:50.000Z",
"pattern": "[file:hashes.SHA256 = '83ad5665517c351edc837b302f2a7f526bac35efe3ddc37019a635b128c5b17f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cabf-c618-4415-9c56-498f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:51.000Z",
"modified": "2016-11-21T10:21:51.000Z",
"pattern": "[file:hashes.SHA256 = '4716c34d635acb09888eefb6914d3fff4c80e43a08b261e82dd64389248061d4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cabf-7840-4178-8d39-492d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:51.000Z",
"modified": "2016-11-21T10:21:51.000Z",
"pattern": "[file:hashes.SHA256 = '7034f525f3d32e3f115ccac73480125678a58da3fd025e0741c454fc152c8d34']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac0-bea0-4519-8d2a-40a2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:52.000Z",
"modified": "2016-11-21T10:21:52.000Z",
"pattern": "[file:hashes.SHA256 = '32b1207717894c71c0fb71c064bace8d8a1c15056702f4172be61d7f1a0757bb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac0-0b78-407c-b6a6-41eb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:52.000Z",
"modified": "2016-11-21T10:21:52.000Z",
"pattern": "[file:hashes.SHA256 = 'cf4b8eaaa62ad7dc9afe0db4e38c36d41eee07c729db7d1c72bab0734d17ef7b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac1-5d20-40c1-a771-4f97950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:53.000Z",
"modified": "2016-11-21T10:21:53.000Z",
"pattern": "[file:hashes.SHA256 = '5b8343d71ab93baee8fad73f8aa6a49f25d7e32bba3a485ece46609cff56b33e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac1-d390-49bf-a5c8-4c2c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:53.000Z",
"modified": "2016-11-21T10:21:53.000Z",
"pattern": "[file:hashes.SHA256 = 'fca1da5694b2c2c2da2a473f2972cfa808e906439e3f0cd23c650489f2b58755']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac2-aae8-451f-8f2e-4693950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:54.000Z",
"modified": "2016-11-21T10:21:54.000Z",
"pattern": "[file:hashes.SHA256 = 'b7b4be0656dd68fa1e2e5d830d1183f0b667fb7977f8a1a462f1f7a9aa5a7b9a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac2-6f1c-46d6-bebf-4365950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:54.000Z",
"modified": "2016-11-21T10:21:54.000Z",
"pattern": "[file:hashes.SHA256 = '5e9e3f9f96ce2333473a4c7eae8e07a0d0a38b24cb9effc67f0063f2eaec4c92']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac3-5ca4-4ba3-a2d5-4dbb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:55.000Z",
"modified": "2016-11-21T10:21:55.000Z",
"pattern": "[domain-name:value = 'afisutovu.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac3-1a7c-488d-b184-4c5e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:55.000Z",
"modified": "2016-11-21T10:21:55.000Z",
"pattern": "[domain-name:value = '8cb5d3e.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac4-94c0-4390-a50b-4139950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:56.000Z",
"modified": "2016-11-21T10:21:56.000Z",
"pattern": "[domain-name:value = 'kerman.pw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac4-a928-4812-894e-4f26950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:56.000Z",
"modified": "2016-11-21T10:21:56.000Z",
"pattern": "[url:value = 'http://kerman.pw/8cb5d3e.jpg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac5-f7c8-4bb7-93de-4296950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:57.000Z",
"modified": "2016-11-21T10:21:57.000Z",
"pattern": "[url:value = 'https://8cb5d3e.com/8cb5d3e.js']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac5-e970-4318-8ac9-416c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:57.000Z",
"modified": "2016-11-21T10:21:57.000Z",
"pattern": "[url:value = 'http://kerman.pw/8cb5d3e.jpg.jpg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac6-9120-4294-ac3a-46ec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:58.000Z",
"modified": "2016-11-21T10:21:58.000Z",
"pattern": "[url:value = 'http://afisutovu.com/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac6-fa74-457b-8266-43a2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:58.000Z",
"modified": "2016-11-21T10:21:58.000Z",
"pattern": "[file:hashes.MD5 = 'dd556768261bc12f21adf55641ca25f2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac7-8d40-417b-aa5a-47bc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:59.000Z",
"modified": "2016-11-21T10:21:59.000Z",
"pattern": "[file:hashes.MD5 = 'd629a6f74954be2914c9eef87d077cda']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac7-02c0-4ab0-871a-41f8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:59.000Z",
"modified": "2016-11-21T10:21:59.000Z",
"pattern": "[file:hashes.MD5 = 'caea168f978301c878fc2cdb49da2dd1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac7-60fc-45c7-bd89-4d7a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:21:59.000Z",
"modified": "2016-11-21T10:21:59.000Z",
"pattern": "[file:hashes.MD5 = 'c82c05017b12899d673f78c744ff8c5d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:21:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac8-b250-4597-9a0d-481b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:00.000Z",
"modified": "2016-11-21T10:22:00.000Z",
"pattern": "[file:hashes.MD5 = '9c72ed9e33fb079566458cbc4e77f48a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac8-0954-43e2-89db-43e5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:00.000Z",
"modified": "2016-11-21T10:22:00.000Z",
"pattern": "[file:hashes.MD5 = '9097171197b4f02d7b090dc1d04107bc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac9-2f2c-4889-a2c9-4ba3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:01.000Z",
"modified": "2016-11-21T10:22:01.000Z",
"pattern": "[file:hashes.MD5 = 'a5c51da26364442b10e784932944f4a7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cac9-1964-4b1f-8481-4984950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:01.000Z",
"modified": "2016-11-21T10:22:01.000Z",
"pattern": "[file:hashes.MD5 = 'c533e9e9545ae38a5d30270f1e14ea53']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832caca-e5bc-493c-9ed9-4e5b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:02.000Z",
"modified": "2016-11-21T10:22:02.000Z",
"pattern": "[file:hashes.MD5 = 'a56722542884d0a2e7640a5e07812560']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832caca-7654-4a9c-82c0-4c07950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:02.000Z",
"modified": "2016-11-21T10:22:02.000Z",
"pattern": "[file:hashes.SHA1 = 'cabdd3935ad24f70bc90538222bc3773673de3c0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cacb-89e8-4f53-b8ea-4ebf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:03.000Z",
"modified": "2016-11-21T10:22:03.000Z",
"pattern": "[file:hashes.SHA1 = 'b1f7460937b25430f0f2b070ab5bcd091d22d1ee']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cacb-7bf0-4828-8462-4526950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:03.000Z",
"modified": "2016-11-21T10:22:03.000Z",
"pattern": "[file:hashes.SHA1 = '8c05af5485b6575fe547a35cf7d1e8d571c416b0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cacc-4408-4f47-af07-4658950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:04.000Z",
"modified": "2016-11-21T10:22:04.000Z",
"pattern": "[file:hashes.SHA1 = 'cf246278d6c27b34c7b398c9e843df2031902706']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cacc-eb00-4c0d-ae59-4602950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:04.000Z",
"modified": "2016-11-21T10:22:04.000Z",
"pattern": "[file:hashes.SHA1 = 'bebb25343cb1d5b713218ff28d015ad839d93c44']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cacd-3314-4277-8174-4c1d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:05.000Z",
"modified": "2016-11-21T10:22:05.000Z",
"pattern": "[file:hashes.SHA1 = '9d91a39f13089822317b277caf0db909fd4db478']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cacd-9428-4a3e-a873-4a64950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:05.000Z",
"modified": "2016-11-21T10:22:05.000Z",
"pattern": "[file:hashes.SHA1 = 'abe3431d56875e2ed7bb7552c89fc9f41224f91e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cace-8428-4e81-90e9-4a6c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:06.000Z",
"modified": "2016-11-21T10:22:06.000Z",
"pattern": "[file:hashes.SHA1 = 'd707b4f20e952858e91fd3e597f731d664d18f68']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cace-1ecc-45ea-9859-4635950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:06.000Z",
"modified": "2016-11-21T10:22:06.000Z",
"pattern": "[file:hashes.SHA1 = '2f9b85e8ba34509d8e24c9dd4947d3d2bcd5e834']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cacf-02fc-41b8-93a1-4c2f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:07.000Z",
"modified": "2016-11-21T10:22:07.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.32.125.10']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cacf-a334-4452-9ce3-4d8e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:07.000Z",
"modified": "2016-11-21T10:22:07.000Z",
"pattern": "[domain-name:value = 'ukay.pw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cad0-86f0-403f-83fd-4ec4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:08.000Z",
"modified": "2016-11-21T10:22:08.000Z",
"pattern": "[domain-name:value = 'yadozalamom.pw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cad0-387c-4b76-94f2-4a59950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:08.000Z",
"modified": "2016-11-21T10:22:08.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '139.59.153.214']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cad1-61f4-4688-af5f-4ca5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:09.000Z",
"modified": "2016-11-21T10:22:09.000Z",
"pattern": "[file:hashes.SHA256 = '0210143a2016779f31099289a1238a81e8d9165f56cbeb4969091af9cb0ed6c1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cad1-a7b4-49ea-aabf-44d2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:09.000Z",
"modified": "2016-11-21T10:22:09.000Z",
"pattern": "[file:hashes.MD5 = 'f29e82d44b067c802576e7470dd0ad8e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cad2-7bc0-4460-a291-4ab9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:10.000Z",
"modified": "2016-11-21T10:22:10.000Z",
"pattern": "[file:hashes.SHA1 = '45e20b4ed53a367f53639b01cf330a622d577789']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cad2-5b28-482e-9b28-4228950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:10.000Z",
"modified": "2016-11-21T10:22:10.000Z",
"pattern": "[file:hashes.SHA256 = '18ee4078bb2b0de650354b9e30f750479b9d217e4ac5dc6497c49fc9408332f1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cad2-2c30-41bc-b642-447c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:10.000Z",
"modified": "2016-11-21T10:22:10.000Z",
"pattern": "[file:hashes.SHA256 = 'fe1520639a0255697ea7f21acaaa5b113558ee8fd91e7898bb748040740dbac6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cad3-40b4-499d-b975-4816950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:11.000Z",
"modified": "2016-11-21T10:22:11.000Z",
"pattern": "[file:hashes.SHA256 = 'e30af36bdc23acbd0b1ae0397bea0dc29285599ef56a1599b0708e11de275b67']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cad3-9758-40c4-9c00-466b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:11.000Z",
"modified": "2016-11-21T10:22:11.000Z",
"pattern": "[file:hashes.SHA256 = 'df56b0ea56e20079e5e5bda8a937dcfff4128c2e4f78b794379e7d1c2a8752c1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cad4-3c50-4fb1-a33c-4200950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:12.000Z",
"modified": "2016-11-21T10:22:12.000Z",
"pattern": "[file:hashes.MD5 = '24c73af97aaa0f5436d523d42da8d36c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cad5-e948-4f35-bf11-449d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:13.000Z",
"modified": "2016-11-21T10:22:13.000Z",
"pattern": "[file:hashes.MD5 = 'c268c4214ff0f146cbc71fe445950de1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cad5-67d4-48b7-92a6-436a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:13.000Z",
"modified": "2016-11-21T10:22:13.000Z",
"pattern": "[file:hashes.MD5 = '32d21fe8f01fa65a3d4189e84db35e7a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cad6-a7ec-4a4b-afb3-43f3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:14.000Z",
"modified": "2016-11-21T10:22:14.000Z",
"pattern": "[file:hashes.MD5 = 'a19f44309f23e6323d9a26f9a8a6246e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cad6-7f14-4cc1-ba46-4a7e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:14.000Z",
"modified": "2016-11-21T10:22:14.000Z",
"pattern": "[file:hashes.SHA1 = 'c88b3be2484c2c1f62479aaea5f1490abdfc7d90']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cad7-de70-48bd-b8d3-4597950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:15.000Z",
"modified": "2016-11-21T10:22:15.000Z",
"pattern": "[file:hashes.SHA1 = '04645687615eb072bb4220ef47c261d733a05e59']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cad8-013c-40ce-b765-488b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:16.000Z",
"modified": "2016-11-21T10:22:16.000Z",
"pattern": "[file:hashes.SHA1 = 'f797fb11a0ceb6f429d698975bbdb540cd528f6a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5832cad8-aa84-4eb5-9901-4429950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-11-21T10:22:16.000Z",
"modified": "2016-11-21T10:22:16.000Z",
"pattern": "[file:hashes.SHA1 = '214a5940bb28afdb830a0077b932a3f7ee88c98d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-11-21T10:22:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue Copy permalink