misp-circl-feed/feeds/circl/stix-2.1/59148a67-8914-4b6e-bc54-419b950d210f.json

1457 lines
58 KiB
JSON
Raw Normal View History

2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--59148a67-8914-4b6e-bc54-419b950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-12T15:11:09.000Z",
"modified": "2017-05-12T15:11:09.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "grouping",
"spec_version": "2.1",
"id": "grouping--59148a67-8914-4b6e-bc54-419b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-12T15:11:09.000Z",
"modified": "2017-05-12T15:11:09.000Z",
"name": "Jaff - file:nm.pdf",
"context": "suspicious-activity",
"object_refs": [
"indicator--59148a68-251c-437f-a9c3-4739950d210f",
"indicator--59148a69-76e4-48ce-980c-4f06950d210f",
"indicator--59148a6a-4f40-49f4-bac7-409f950d210f",
"indicator--59148a6a-9ecc-4541-a6ca-48c1950d210f",
"indicator--59148a6b-ab50-4dc2-8805-42b9950d210f",
"indicator--59148a6d-5c70-427d-9859-45b7950d210f",
"indicator--59148a6d-3c94-474f-bcb7-446d950d210f",
"indicator--59148a6e-a1a8-4509-9fc5-483a950d210f",
"indicator--59148a6f-a334-47e0-a3e1-4092950d210f",
"indicator--59148a6f-3eb4-4e60-b345-49a1950d210f",
"indicator--59148a71-90d0-4a5c-b266-4e6e950d210f",
"indicator--59148a71-3bb8-4102-9f4c-4746950d210f",
"indicator--59148a72-3ee0-453f-af56-458f950d210f",
"indicator--59148a73-d574-4509-afb7-4304950d210f",
"indicator--59148a75-ed58-48f6-b4f8-43ee950d210f",
"indicator--59148a76-0de0-4b61-9cff-4f70950d210f",
"indicator--59148a79-5538-41ad-813b-46ca950d210f",
"indicator--59148a7a-0558-4199-9727-48ee950d210f",
"indicator--59148a7b-98a8-4613-808a-e06f950d210f",
"indicator--59148a7d-d2e4-4972-91d8-4a56950d210f",
"indicator--59148a7d-a3f0-447e-8f2c-4f26950d210f",
"indicator--59148a7e-cb90-4f80-af92-433d950d210f",
"indicator--59148a7f-8e30-4930-b784-4c3a950d210f",
"indicator--59148a80-99ac-4a6c-90b8-49c2950d210f",
"indicator--59148a80-4a7c-4720-8bb7-4091950d210f",
"indicator--59148a81-5af4-4c3c-a0d0-4dfa950d210f",
"indicator--59148a82-8e44-426f-898c-4aa6950d210f",
"indicator--59148a83-ada8-4a5c-99ea-45b8950d210f",
"indicator--59148a84-1dc4-4320-918c-45ac950d210f",
"indicator--59148a85-97fc-4ea0-9429-e06f950d210f",
"indicator--59148a87-4868-47aa-aca3-406e950d210f",
"indicator--59148a87-3750-48cd-85df-4290950d210f",
"indicator--59148a88-dba8-4cad-a3c6-4be4950d210f",
"indicator--59148a89-87f0-46da-8224-4d34950d210f",
"indicator--59148a8a-ac3c-4351-9cb3-4ec1950d210f",
"indicator--59148a8b-8974-459d-bc72-4eae950d210f",
"indicator--59148a8c-9010-4682-852d-0326950d210f",
"indicator--59148a8d-7944-443c-be13-4644950d210f",
"indicator--59148a8d-5efc-478b-9ebb-4266950d210f",
"indicator--59148a8e-5bf8-407e-991f-4f85950d210f",
"indicator--59148a8f-4ba0-428e-b0fc-4aaa950d210f",
"indicator--59148a90-d210-48c9-8748-40ce950d210f",
"indicator--59148a91-e288-4207-857e-41c7950d210f",
"indicator--59148a92-6ca4-4d12-8e47-4058950d210f",
"indicator--59148a93-9ffc-42a9-b2b7-032b950d210f",
"indicator--59148a94-bd74-4c68-8d7f-4648950d210f",
"indicator--59148a95-21d8-41ad-9237-0338950d210f",
"indicator--59148a96-5f24-4555-96cb-4e4f950d210f",
"indicator--59148a96-ca3c-436f-b26f-4944950d210f",
"indicator--59148a97-4c30-4ffb-8ae9-4a42950d210f",
"indicator--59148a98-7cf0-4e57-8d97-49c0950d210f",
"indicator--59148a99-5e8c-4810-942a-0326950d210f",
"indicator--59148a9a-a298-4d7e-9b60-4ac6950d210f",
"indicator--59148a9b-e1c8-498f-92a8-42fd950d210f",
"indicator--59148a9b-cd74-4d30-8661-4ce6950d210f",
"indicator--59148a9c-d5f4-4db9-b95d-032b950d210f",
"observed-data--59148aa3-bbe0-4951-866f-032b950d210f",
"url--59148aa3-bbe0-4951-866f-032b950d210f",
"observed-data--59148aa4-7e6c-4fb9-ab23-4d5a950d210f",
"url--59148aa4-7e6c-4fb9-ab23-4d5a950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a68-251c-437f-a9c3-4739950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:36.000Z",
"modified": "2017-05-11T15:59:36.000Z",
"pattern": "[file:hashes.MD5 = '466db2d02db000f686f48c0700beb840']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a69-76e4-48ce-980c-4f06950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:37.000Z",
"modified": "2017-05-11T15:59:37.000Z",
"pattern": "[file:hashes.MD5 = '35eed9cafb26975c42b7a621352565d2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a6a-4f40-49f4-bac7-409f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:38.000Z",
"modified": "2017-05-11T15:59:38.000Z",
"pattern": "[file:hashes.MD5 = '924c84415b775af12a10366469d3df69']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a6a-9ecc-4541-a6ca-48c1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:38.000Z",
"modified": "2017-05-11T15:59:38.000Z",
"pattern": "[file:hashes.MD5 = '942c6a039724ed5326c3c247bfce3461']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a6b-ab50-4dc2-8805-42b9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:39.000Z",
"modified": "2017-05-11T15:59:39.000Z",
"pattern": "[file:hashes.SHA256 = '5722daf5c0b91363808d46a2c5b93a8f70f0dadd94866148d1d77975ba04d211']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a6d-5c70-427d-9859-45b7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:41.000Z",
"modified": "2017-05-11T15:59:41.000Z",
"pattern": "[url:value = 'http://5hdnnd74fffrottd.com/af/f87346b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a6d-3c94-474f-bcb7-446d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:41.000Z",
"modified": "2017-05-11T15:59:41.000Z",
"pattern": "[domain-name:value = '5hdnnd74fffrottd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a6e-a1a8-4509-9fc5-483a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:42.000Z",
"modified": "2017-05-11T15:59:42.000Z",
"description": "5hdnnd74fffrottd.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '47.91.93.25']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a6f-a334-47e0-a3e1-4092950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:43.000Z",
"modified": "2017-05-11T15:59:43.000Z",
"pattern": "[url:value = 'http://babil117.com/f87346b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a6f-3eb4-4e60-b345-49a1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:43.000Z",
"modified": "2017-05-11T15:59:43.000Z",
"pattern": "[domain-name:value = 'babil117.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a71-90d0-4a5c-b266-4e6e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:45.000Z",
"modified": "2017-05-11T15:59:45.000Z",
"description": "babil117.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '219.118.71.141']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a71-3bb8-4102-9f4c-4746950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:45.000Z",
"modified": "2017-05-11T15:59:45.000Z",
"pattern": "[url:value = 'http://boaevents.com/f87346b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a72-3ee0-453f-af56-458f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:46.000Z",
"modified": "2017-05-11T15:59:46.000Z",
"pattern": "[domain-name:value = 'boaevents.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a73-d574-4509-afb7-4304950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:47.000Z",
"modified": "2017-05-11T15:59:47.000Z",
"description": "boaevents.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.124.249.18']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a75-ed58-48f6-b4f8-43ee950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:49.000Z",
"modified": "2017-05-11T15:59:49.000Z",
"pattern": "[url:value = 'http://byydei74fg43ff4f.net/af/f87346b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a76-0de0-4b61-9cff-4f70950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:50.000Z",
"modified": "2017-05-11T15:59:50.000Z",
"pattern": "[domain-name:value = 'byydei74fg43ff4f.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a79-5538-41ad-813b-46ca950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:53.000Z",
"modified": "2017-05-11T15:59:53.000Z",
"pattern": "[url:value = 'http://easysupport.us/f87346b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a7a-0558-4199-9727-48ee950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:54.000Z",
"modified": "2017-05-11T15:59:54.000Z",
"pattern": "[domain-name:value = 'easysupport.us']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a7b-98a8-4613-808a-e06f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:55.000Z",
"modified": "2017-05-11T15:59:55.000Z",
"description": "easysupport.us",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.58.93.28']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a7d-d2e4-4972-91d8-4a56950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:57.000Z",
"modified": "2017-05-11T15:59:57.000Z",
"pattern": "[url:value = 'http://edluke.com/f87346b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a7d-a3f0-447e-8f2c-4f26950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:57.000Z",
"modified": "2017-05-11T15:59:57.000Z",
"pattern": "[domain-name:value = 'edluke.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a7e-cb90-4f80-af92-433d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:58.000Z",
"modified": "2017-05-11T15:59:58.000Z",
"description": "edluke.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.30.215.116']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a7f-8e30-4930-b784-4c3a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T15:59:59.000Z",
"modified": "2017-05-11T15:59:59.000Z",
"pattern": "[url:value = 'http://julian-g.ro/f87346b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T15:59:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a80-99ac-4a6c-90b8-49c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:00.000Z",
"modified": "2017-05-11T16:00:00.000Z",
"pattern": "[domain-name:value = 'julian-g.ro']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a80-4a7c-4720-8bb7-4091950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:00.000Z",
"modified": "2017-05-11T16:00:00.000Z",
"description": "julian-g.ro",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '86.35.15.215']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a81-5af4-4c3c-a0d0-4dfa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:01.000Z",
"modified": "2017-05-11T16:00:01.000Z",
"pattern": "[url:value = 'http://phinamco.com/f87346b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a82-8e44-426f-898c-4aa6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:02.000Z",
"modified": "2017-05-11T16:00:02.000Z",
"pattern": "[domain-name:value = 'phinamco.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a83-ada8-4a5c-99ea-45b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:03.000Z",
"modified": "2017-05-11T16:00:03.000Z",
"description": "phinamco.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.18.4.141']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a84-1dc4-4320-918c-45ac950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:04.000Z",
"modified": "2017-05-11T16:00:04.000Z",
"pattern": "[url:value = 'http://takanashi.jp/f87346b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a85-97fc-4ea0-9429-e06f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:05.000Z",
"modified": "2017-05-11T16:00:05.000Z",
"pattern": "[domain-name:value = 'takanashi.jp']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a87-4868-47aa-aca3-406e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:07.000Z",
"modified": "2017-05-11T16:00:07.000Z",
"description": "takanashi.jp",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.188.201.76']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a87-3750-48cd-85df-4290950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:07.000Z",
"modified": "2017-05-11T16:00:07.000Z",
"pattern": "[url:value = 'http://techno-kar.ru/f87346b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a88-dba8-4cad-a3c6-4be4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:08.000Z",
"modified": "2017-05-11T16:00:08.000Z",
"pattern": "[domain-name:value = 'techno-kar.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a89-87f0-46da-8224-4d34950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:09.000Z",
"modified": "2017-05-11T16:00:09.000Z",
"description": "techno-kar.ru",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.177.139.23']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a8a-ac3c-4351-9cb3-4ec1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:10.000Z",
"modified": "2017-05-11T16:00:10.000Z",
"pattern": "[url:value = 'http://tending.info/f87346b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a8b-8974-459d-bc72-4eae950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:11.000Z",
"modified": "2017-05-11T16:00:11.000Z",
"pattern": "[domain-name:value = 'tending.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a8c-9010-4682-852d-0326950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:12.000Z",
"modified": "2017-05-11T16:00:12.000Z",
"description": "tending.info",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.75.98.151']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a8d-7944-443c-be13-4644950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:13.000Z",
"modified": "2017-05-11T16:00:13.000Z",
"pattern": "[url:value = 'http://tiskr.com/f87346b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a8d-5efc-478b-9ebb-4266950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:13.000Z",
"modified": "2017-05-11T16:00:13.000Z",
"pattern": "[domain-name:value = 'tiskr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a8e-5bf8-407e-991f-4f85950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:14.000Z",
"modified": "2017-05-11T16:00:14.000Z",
"description": "tiskr.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '173.230.252.61']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a8f-4ba0-428e-b0fc-4aaa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:15.000Z",
"modified": "2017-05-11T16:00:15.000Z",
"pattern": "[url:value = 'http://trans-atm.com/f87346b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a90-d210-48c9-8748-40ce950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:16.000Z",
"modified": "2017-05-11T16:00:16.000Z",
"pattern": "[domain-name:value = 'trans-atm.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a91-e288-4207-857e-41c7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:17.000Z",
"modified": "2017-05-11T16:00:17.000Z",
"description": "trans-atm.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '201.150.35.98']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a92-6ca4-4d12-8e47-4058950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:18.000Z",
"modified": "2017-05-11T16:00:18.000Z",
"pattern": "[url:value = 'http://trialinsider.com/f87346b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a93-9ffc-42a9-b2b7-032b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:19.000Z",
"modified": "2017-05-11T16:00:19.000Z",
"pattern": "[domain-name:value = 'trialinsider.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a94-bd74-4c68-8d7f-4648950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:20.000Z",
"modified": "2017-05-11T16:00:20.000Z",
"description": "trialinsider.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.154.161.227']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a95-21d8-41ad-9237-0338950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:21.000Z",
"modified": "2017-05-11T16:00:21.000Z",
"description": "trialinsider.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.154.168.227']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a96-5f24-4555-96cb-4e4f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:21.000Z",
"modified": "2017-05-11T16:00:21.000Z",
"pattern": "[url:value = 'http://vscard.net/f87346b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a96-ca3c-436f-b26f-4944950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:22.000Z",
"modified": "2017-05-11T16:00:22.000Z",
"pattern": "[domain-name:value = 'vscard.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a97-4c30-4ffb-8ae9-4a42950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:23.000Z",
"modified": "2017-05-11T16:00:23.000Z",
"description": "vscard.net",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.9.105.250']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a98-7cf0-4e57-8d97-49c0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:24.000Z",
"modified": "2017-05-11T16:00:24.000Z",
"pattern": "[url:value = 'http://wipersdirect.com/f87346b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a99-5e8c-4810-942a-0326950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:25.000Z",
"modified": "2017-05-11T16:00:25.000Z",
"pattern": "[domain-name:value = 'wipersdirect.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a9a-a298-4d7e-9b60-4ac6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:26.000Z",
"modified": "2017-05-11T16:00:26.000Z",
"description": "wipersdirect.com",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.165.22.125']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a9b-e1c8-498f-92a8-42fd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:27.000Z",
"modified": "2017-05-11T16:00:27.000Z",
"pattern": "[url:value = 'http://fkksjobnn43.org/a5/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a9b-cd74-4d30-8661-4ce6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:27.000Z",
"modified": "2017-05-11T16:00:27.000Z",
"pattern": "[domain-name:value = 'fkksjobnn43.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-11T16:00:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59148a9c-d5f4-4db9-b95d-032b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-12T15:02:17.000Z",
"modified": "2017-05-12T15:02:17.000Z",
"pattern": "[url:value = 'https://twitter.com/malwrhunterteam/status/862597006363152385']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-12T15:02:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "External analysis"
}
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59148aa3-bbe0-4951-866f-032b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:35.000Z",
"modified": "2017-05-11T16:00:35.000Z",
"first_observed": "2017-05-11T16:00:35Z",
"last_observed": "2017-05-11T16:00:35Z",
"number_observed": 1,
"object_refs": [
"url--59148aa3-bbe0-4951-866f-032b950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--59148aa3-bbe0-4951-866f-032b950d210f",
"value": "https://www.hybrid-analysis.com/sample/5722daf5c0b91363808d46a2c5b93a8f70f0dadd94866148d1d77975ba04d211?environmentId=100"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59148aa4-7e6c-4fb9-ab23-4d5a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-11T16:00:36.000Z",
"modified": "2017-05-11T16:00:36.000Z",
"first_observed": "2017-05-11T16:00:36Z",
"last_observed": "2017-05-11T16:00:36Z",
"number_observed": 1,
"object_refs": [
"url--59148aa4-7e6c-4fb9-ab23-4d5a950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--59148aa4-7e6c-4fb9-ab23-4d5a950d210f",
"value": "https://www.virustotal.com/hr/file/5722daf5c0b91363808d46a2c5b93a8f70f0dadd94866148d1d77975ba04d211/analysis/"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}