misp-circl-feed/feeds/circl/stix-2.1/5900a0d3-4c08-4f82-a9ae-2c2f950d210f.json

1481 lines
59 KiB
JSON
Raw Normal View History

2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--5900a0d3-4c08-4f82-a9ae-2c2f950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-27T09:57:55.000Z",
"modified": "2017-04-27T09:57:55.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5900a0d3-4c08-4f82-a9ae-2c2f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-27T09:57:55.000Z",
"modified": "2017-04-27T09:57:55.000Z",
"name": "Dridex 2017-04-11 : botnet 7200/7500 campaigns",
"published": "2017-04-27T15:02:29Z",
"object_refs": [
"indicator--5900a0d4-dc1c-4572-96d5-2c3e950d210f",
"indicator--5900a0d5-b5d0-4df6-8ff4-0686950d210f",
"indicator--5900a0d5-96e4-4caf-bd99-2c48950d210f",
"indicator--5900a0d6-3b84-4be5-9850-2c46950d210f",
"indicator--5900a0d7-f64c-49ab-8349-4811950d210f",
"indicator--5900a0d7-bcf0-4961-8102-0684950d210f",
"indicator--5900a0d8-48c8-4799-b8aa-2c2f950d210f",
"indicator--5900a0d9-3ebc-4b03-bd33-0686950d210f",
"indicator--5900a0da-91f0-46b0-92ee-2c2d950d210f",
"indicator--5900a0da-7358-4344-93e7-4360950d210f",
"indicator--5900a0db-37ac-42c3-a6b2-0684950d210f",
"indicator--5900a0dc-9e5c-4ced-a2bb-2c3e950d210f",
"indicator--5900a0dd-e594-4b59-ab3c-2c48950d210f",
"indicator--5900a0dd-7678-469b-a1b7-2c46950d210f",
"indicator--5900a0de-39f4-4a75-8afb-4357950d210f",
"indicator--5900a0df-9c70-4afe-9248-4c00950d210f",
"indicator--5900a0df-3060-4899-ac0a-0684950d210f",
"indicator--5900a0e0-64f4-4f4d-93d7-0686950d210f",
"indicator--5900a0e1-e448-48b4-ac20-2c46950d210f",
"indicator--5900a0e2-d588-42c9-85f4-4c4b950d210f",
"indicator--5900a0e2-eb90-443d-a16e-2c48950d210f",
"indicator--5900a0e3-a838-46e4-9d33-4a40950d210f",
"indicator--5900a0e4-3a34-4789-8afd-06bc950d210f",
"indicator--5900a0e5-59a4-4c25-a3c9-4217950d210f",
"indicator--5900a0e6-a6b4-48ce-8c07-4663950d210f",
"indicator--5900a0e6-a04c-4268-85b8-40a1950d210f",
"indicator--5900a0e7-f940-4905-8ebe-06bc950d210f",
"indicator--5900a0e8-fca4-4bcd-a3ce-4f5e950d210f",
"indicator--5900a0e8-d690-4acb-af34-2c37950d210f",
"indicator--5900a0e9-c0e4-4f8d-ae33-4841950d210f",
"indicator--5900a0ea-ec6c-4600-ba66-2c48950d210f",
"indicator--5900a0eb-c7b8-4d60-ba32-2c4c950d210f",
"indicator--5900a0eb-b6cc-4777-b723-2c33950d210f",
"indicator--5900a0ec-3180-48bd-be0f-4fbb950d210f",
"indicator--5900a0ed-f12c-466f-a08e-4e56950d210f",
"indicator--5900a0ed-54ac-4b9e-8759-403a950d210f",
"indicator--5900a0ee-0a50-45a7-8216-0684950d210f",
"indicator--5900a0ef-27c8-43b4-9226-2c2f950d210f",
"indicator--5900a0f0-8e10-43c8-84c5-2c42950d210f",
"indicator--5900a0f0-c2b0-4785-97db-4366950d210f",
"indicator--5900a0f1-8e60-49dd-b0da-2c4c950d210f",
"indicator--5900a0f2-7ca0-491d-b39d-4178950d210f",
"indicator--5900a0f2-76a8-4cf1-b064-2c44950d210f",
"indicator--5900a0f3-3950-4fc9-bbe9-2c3e950d210f",
"indicator--5900a0f4-f9a4-48c6-9122-2c4e950d210f",
"indicator--5900a0f4-69d4-432c-9003-2c37950d210f",
"indicator--5900a0f5-f020-415d-9591-4953950d210f",
"indicator--5900a0f6-ba78-4518-ba88-2c4c950d210f",
"indicator--5900a0f7-33c8-4356-894d-43be950d210f",
"indicator--5900a0f7-c6c8-4574-9364-06bc950d210f",
"indicator--5900a0f8-2ce4-43ab-93c0-2c42950d210f",
"indicator--5900a0f9-1228-4cff-be14-2c2d950d210f",
"indicator--5900a0f9-af84-4dee-86da-2c48950d210f",
"indicator--5900a0fa-2f64-46b5-a2fa-2c33950d210f",
"indicator--5900a0fb-6600-4c5b-a5d7-4356950d210f",
"indicator--5900a0fb-f260-4da2-9c30-4a4c950d210f",
"indicator--5900a0fe-5fd0-4e4a-b77a-2c48950d210f",
"indicator--5900a0ff-5388-4293-aa1b-2c33950d210f",
"indicator--5900a100-21cc-4441-8897-434f950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"misp-galaxy:tool=\"Dridex\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0d4-dc1c-4572-96d5-2c3e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:29:56.000Z",
"modified": "2017-04-26T13:29:56.000Z",
"pattern": "[url:value = 'http://cloud9ss.com/kjv783r']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:29:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0d5-b5d0-4df6-8ff4-0686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:29:57.000Z",
"modified": "2017-04-26T13:29:57.000Z",
"pattern": "[domain-name:value = 'cloud9ss.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:29:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0d5-96e4-4caf-bd99-2c48950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:29:57.000Z",
"modified": "2017-04-26T13:29:57.000Z",
"description": "cloud9ss.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '50.87.190.234']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:29:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0d6-3b84-4be5-9850-2c46950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:29:58.000Z",
"modified": "2017-04-26T13:29:58.000Z",
"pattern": "[url:value = 'http://compoclinic.com.br/kjv783r']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:29:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0d7-f64c-49ab-8349-4811950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:29:59.000Z",
"modified": "2017-04-26T13:29:59.000Z",
"pattern": "[domain-name:value = 'compoclinic.com.br']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:29:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0d7-bcf0-4961-8102-0684950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:29:59.000Z",
"modified": "2017-04-26T13:29:59.000Z",
"description": "compoclinic.com.br",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.1.208.138']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:29:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0d8-48c8-4799-b8aa-2c2f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:00.000Z",
"modified": "2017-04-26T13:30:00.000Z",
"pattern": "[url:value = 'http://construction1909.com/kjv783r']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0d9-3ebc-4b03-bd33-0686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:01.000Z",
"modified": "2017-04-26T13:30:01.000Z",
"pattern": "[domain-name:value = 'construction1909.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0da-91f0-46b0-92ee-2c2d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:02.000Z",
"modified": "2017-04-26T13:30:02.000Z",
"description": "construction1909.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.229.171.36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0da-7358-4344-93e7-4360950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:02.000Z",
"modified": "2017-04-26T13:30:02.000Z",
"pattern": "[url:value = 'http://darvonharris.com/kjv783r']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0db-37ac-42c3-a6b2-0684950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:03.000Z",
"modified": "2017-04-26T13:30:03.000Z",
"pattern": "[domain-name:value = 'darvonharris.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0dc-9e5c-4ced-a2bb-2c3e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:04.000Z",
"modified": "2017-04-26T13:30:04.000Z",
"description": "darvonharris.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.180.56.176']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0dd-e594-4b59-ab3c-2c48950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:05.000Z",
"modified": "2017-04-26T13:30:05.000Z",
"pattern": "[url:value = 'http://glassorchids.com/kjv783r']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0dd-7678-469b-a1b7-2c46950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:05.000Z",
"modified": "2017-04-26T13:30:05.000Z",
"pattern": "[domain-name:value = 'glassorchids.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0de-39f4-4a75-8afb-4357950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:06.000Z",
"modified": "2017-04-26T13:30:06.000Z",
"description": "glassorchids.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.117.161.226']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0df-9c70-4afe-9248-4c00950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:07.000Z",
"modified": "2017-04-26T13:30:07.000Z",
"pattern": "[url:value = 'http://i-call.it/kjv783r']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0df-3060-4899-ac0a-0684950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:07.000Z",
"modified": "2017-04-26T13:30:07.000Z",
"pattern": "[domain-name:value = 'i-call.it']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0e0-64f4-4f4d-93d7-0686950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:08.000Z",
"modified": "2017-04-26T13:30:08.000Z",
"description": "i-call.it",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.58.80.98']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0e1-e448-48b4-ac20-2c46950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:09.000Z",
"modified": "2017-04-26T13:30:09.000Z",
"pattern": "[url:value = 'http://itibambu.com.br/kjv783r']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0e2-d588-42c9-85f4-4c4b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:10.000Z",
"modified": "2017-04-26T13:30:10.000Z",
"pattern": "[domain-name:value = 'itibambu.com.br']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0e2-eb90-443d-a16e-2c48950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:10.000Z",
"modified": "2017-04-26T13:30:10.000Z",
"description": "itibambu.com.br",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '187.45.193.159']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0e3-a838-46e4-9d33-4a40950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:11.000Z",
"modified": "2017-04-26T13:30:11.000Z",
"pattern": "[url:value = 'http://jenya.kossoy.com/kjv783r']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0e4-3a34-4789-8afd-06bc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:12.000Z",
"modified": "2017-04-26T13:30:12.000Z",
"pattern": "[domain-name:value = 'jenya.kossoy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0e5-59a4-4c25-a3c9-4217950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:13.000Z",
"modified": "2017-04-26T13:30:13.000Z",
"description": "jenya.kossoy.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '64.111.126.118']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0e6-a6b4-48ce-8c07-4663950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:14.000Z",
"modified": "2017-04-26T13:30:14.000Z",
"pattern": "[url:value = 'http://lawrenceres.com/kjv783r']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0e6-a04c-4268-85b8-40a1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:14.000Z",
"modified": "2017-04-26T13:30:14.000Z",
"pattern": "[domain-name:value = 'lawrenceres.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0e7-f940-4905-8ebe-06bc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:15.000Z",
"modified": "2017-04-26T13:30:15.000Z",
"description": "lawrenceres.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.87.186.98']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0e8-fca4-4bcd-a3ce-4f5e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:16.000Z",
"modified": "2017-04-26T13:30:16.000Z",
"pattern": "[url:value = 'http://marksrepair.com/kjv783r']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0e8-d690-4acb-af34-2c37950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:16.000Z",
"modified": "2017-04-26T13:30:16.000Z",
"pattern": "[domain-name:value = 'marksrepair.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0e9-c0e4-4f8d-ae33-4841950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:17.000Z",
"modified": "2017-04-26T13:30:17.000Z",
"description": "marksrepair.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.180.41.149']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0ea-ec6c-4600-ba66-2c48950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:18.000Z",
"modified": "2017-04-26T13:30:18.000Z",
"pattern": "[url:value = 'http://medjobsmatch.com/kjv783r']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0eb-c7b8-4d60-ba32-2c4c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:19.000Z",
"modified": "2017-04-26T13:30:19.000Z",
"pattern": "[domain-name:value = 'medjobsmatch.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0eb-b6cc-4777-b723-2c33950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:19.000Z",
"modified": "2017-04-26T13:30:19.000Z",
"description": "medjobsmatch.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.229.143.7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0ec-3180-48bd-be0f-4fbb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:20.000Z",
"modified": "2017-04-26T13:30:20.000Z",
"pattern": "[url:value = 'http://mentalmysteries.com/kjv783r']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0ed-f12c-466f-a08e-4e56950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:21.000Z",
"modified": "2017-04-26T13:30:21.000Z",
"pattern": "[domain-name:value = 'mentalmysteries.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0ed-54ac-4b9e-8759-403a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:21.000Z",
"modified": "2017-04-26T13:30:21.000Z",
"description": "mentalmysteries.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '67.225.160.236']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0ee-0a50-45a7-8216-0684950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:22.000Z",
"modified": "2017-04-26T13:30:22.000Z",
"pattern": "[url:value = 'http://mentoryourmind.org/kjv783r']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0ef-27c8-43b4-9226-2c2f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:23.000Z",
"modified": "2017-04-26T13:30:23.000Z",
"pattern": "[domain-name:value = 'mentoryourmind.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0f0-8e10-43c8-84c5-2c42950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:24.000Z",
"modified": "2017-04-26T13:30:24.000Z",
"description": "mentoryourmind.org",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.229.137.134']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0f0-c2b0-4785-97db-4366950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:24.000Z",
"modified": "2017-04-26T13:30:24.000Z",
"pattern": "[url:value = 'http://outoftheboxpc.org/kjv783r']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0f1-8e60-49dd-b0da-2c4c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:25.000Z",
"modified": "2017-04-26T13:30:25.000Z",
"pattern": "[domain-name:value = 'outoftheboxpc.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0f2-7ca0-491d-b39d-4178950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:26.000Z",
"modified": "2017-04-26T13:30:26.000Z",
"description": "outoftheboxpc.org",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.87.186.17']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0f2-76a8-4cf1-b064-2c44950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:26.000Z",
"modified": "2017-04-26T13:30:26.000Z",
"pattern": "[url:value = 'http://ozcom.net/kjv783r']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0f3-3950-4fc9-bbe9-2c3e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:27.000Z",
"modified": "2017-04-26T13:30:27.000Z",
"pattern": "[domain-name:value = 'ozcom.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0f4-f9a4-48c6-9122-2c4e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:28.000Z",
"modified": "2017-04-26T13:30:28.000Z",
"description": "ozcom.net",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.185.35.252']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0f4-69d4-432c-9003-2c37950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:28.000Z",
"modified": "2017-04-26T13:30:28.000Z",
"pattern": "[url:value = 'http://perisoft.org/kjv783r']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0f5-f020-415d-9591-4953950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:29.000Z",
"modified": "2017-04-26T13:30:29.000Z",
"pattern": "[domain-name:value = 'perisoft.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0f6-ba78-4518-ba88-2c4c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:30.000Z",
"modified": "2017-04-26T13:30:30.000Z",
"description": "perisoft.org",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.40.138.96']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0f7-33c8-4356-894d-43be950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:31.000Z",
"modified": "2017-04-26T13:30:31.000Z",
"pattern": "[url:value = 'http://prime.comcastbiz.net/kjv783r']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0f7-c6c8-4574-9364-06bc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:31.000Z",
"modified": "2017-04-26T13:30:31.000Z",
"pattern": "[domain-name:value = 'prime.comcastbiz.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0f8-2ce4-43ab-93c0-2c42950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:32.000Z",
"modified": "2017-04-26T13:30:32.000Z",
"description": "prime.comcastbiz.net",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.87.186.70']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0f9-1228-4cff-be14-2c2d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:33.000Z",
"modified": "2017-04-26T13:30:33.000Z",
"pattern": "[url:value = 'http://semfamily.com/kjv783r']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0f9-af84-4dee-86da-2c48950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:33.000Z",
"modified": "2017-04-26T13:30:33.000Z",
"pattern": "[domain-name:value = 'semfamily.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0fa-2f64-46b5-a2fa-2c33950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:34.000Z",
"modified": "2017-04-26T13:30:34.000Z",
"description": "semfamily.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.254.190.157']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0fb-6600-4c5b-a5d7-4356950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:35.000Z",
"modified": "2017-04-26T13:30:35.000Z",
"pattern": "[url:value = 'http://hyoeyeep.ws/template.doc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0fb-f260-4da2-9c30-4a4c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:35.000Z",
"modified": "2017-04-26T13:30:35.000Z",
"pattern": "[domain-name:value = 'hyoeyeep.ws']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0fe-5fd0-4e4a-b77a-2c48950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:38.000Z",
"modified": "2017-04-26T13:30:38.000Z",
"description": "hyoeyeep.ws",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '47.91.76.119']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a0ff-5388-4293-aa1b-2c33950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:39.000Z",
"modified": "2017-04-26T13:30:39.000Z",
"pattern": "[url:value = 'http://hyoeyeep.ws/sp.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5900a100-21cc-4441-8897-434f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-26T13:30:40.000Z",
"modified": "2017-04-26T13:30:40.000Z",
"pattern": "[url:value = 'http://hyoeyeep.ws/sp.doc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-26T13:30:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}