2023-06-14 17:31:25 +00:00
|
|
|
{
|
|
|
|
"type": "bundle",
|
|
|
|
"id": "bundle--5af5a58a-66f4-4eaf-b946-59320acd0835",
|
|
|
|
"objects": [
|
|
|
|
{
|
|
|
|
"type": "identity",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-15T15:49:53.000Z",
|
|
|
|
"modified": "2018-05-15T15:49:53.000Z",
|
|
|
|
"name": "Synovus Financial",
|
|
|
|
"identity_class": "organization"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "report",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "report--5af5a58a-66f4-4eaf-b946-59320acd0835",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-15T15:49:53.000Z",
|
|
|
|
"modified": "2018-05-15T15:49:53.000Z",
|
|
|
|
"name": "Emotet - 5/8/2018",
|
|
|
|
"published": "2018-05-15T16:15:35Z",
|
|
|
|
"object_refs": [
|
|
|
|
"indicator--f67a92d1-945e-4e31-ad53-2a2797897973",
|
|
|
|
"indicator--f618b3d9-6131-43db-9d1e-cef616d8bef3",
|
|
|
|
"indicator--688733eb-f5b9-4f69-9701-169583a680e6",
|
|
|
|
"indicator--7ac95f79-d72e-4173-8d16-9106baed9ca8",
|
|
|
|
"indicator--23551a1b-abb8-4a01-b9df-9c77423c4d1f",
|
|
|
|
"indicator--477d5369-1fa0-4e97-bb26-a697f3bcd279",
|
|
|
|
"indicator--2b6e3c95-6d88-4db4-a528-1f0dc6bf6360",
|
|
|
|
"indicator--4b79b330-a786-4add-8b1c-217472e1c79c",
|
|
|
|
"indicator--a3972426-304b-4492-baae-7aed34e70d5d",
|
|
|
|
"indicator--11940f6a-939f-45ad-872c-436e1ea9886a",
|
|
|
|
"indicator--5c0442ca-b570-4c10-8c22-fdba7ff0319c",
|
|
|
|
"indicator--5e4258d4-c6a9-4fc1-9570-bd3f579b57c1",
|
|
|
|
"indicator--c8072a74-7d7b-49fb-98c3-7b95840bb457",
|
|
|
|
"indicator--2f81d8c7-e1ef-454a-89d0-595405f7eae9",
|
|
|
|
"indicator--52ac89f5-ae8c-4eb4-966d-200ce5fdd62c",
|
|
|
|
"indicator--f21caa5d-a755-4ae0-b6fe-93639ed9ec5e",
|
|
|
|
"indicator--0a4a4180-cee8-422e-b5b4-69914ff3b5c6",
|
|
|
|
"indicator--9e13df00-628e-4b05-b098-fce3b50938a3",
|
|
|
|
"indicator--e9554d8b-b00e-4d1e-b654-587a41c1abeb",
|
|
|
|
"indicator--1b1b6692-5270-4ea5-be42-9fea930402ea",
|
|
|
|
"indicator--707b01ed-de66-41da-9209-3057a5967a72",
|
|
|
|
"indicator--e321e0d6-273b-4cdf-b162-2496ee579a80",
|
|
|
|
"indicator--3b1b3b82-68f3-47cc-bde1-02a453e48ffb",
|
|
|
|
"indicator--cd5652a0-3732-43e3-b232-f71c25d9fe46",
|
|
|
|
"indicator--f0ccd0d9-20e4-4b02-beeb-ba4b9a1d7070",
|
|
|
|
"indicator--3cc6ca37-1069-4e62-81ee-f15ea4bec8ad",
|
|
|
|
"indicator--92c8df07-fc22-4587-aee0-0e3a945274e3",
|
|
|
|
"indicator--7bc9520e-089c-4370-b32a-94b86d82f3da",
|
|
|
|
"indicator--3c856e37-6b20-4611-b275-681c40c40b61",
|
|
|
|
"indicator--ab562c28-79c1-43b8-a18b-7ae6b185965e",
|
|
|
|
"indicator--cd7e6c39-6d5b-4011-a6a2-9d846b777985",
|
|
|
|
"indicator--7b75ec6c-84ee-47a8-8709-ddc7958582dd",
|
|
|
|
"indicator--59915e27-36cb-4fc4-910c-25ea13134ea1",
|
|
|
|
"indicator--b9d44b5c-aaf7-474b-a268-9df0beb1bdf0",
|
|
|
|
"indicator--8709f76e-9eea-48d8-ae54-24adf75591ff",
|
|
|
|
"indicator--7bf57c2d-e481-4973-a80a-8d94338a7e1e",
|
|
|
|
"indicator--067b091d-2ab1-4940-af4c-d80266f990af",
|
|
|
|
"indicator--5c768682-8cc3-4e0b-8146-4addf5a67b58",
|
|
|
|
"indicator--38ea873e-e441-4082-a9ca-bc190c85571c",
|
|
|
|
"indicator--e6dfca2c-67e1-4c6a-b809-be879fc155d7",
|
|
|
|
"indicator--704001d9-7d05-49e0-98c2-11e092820e51",
|
|
|
|
"indicator--05a922f3-a289-46dc-8fd8-892e6bd472d6",
|
|
|
|
"indicator--38068dd4-0f37-4e46-b5bb-073fb26303f9",
|
|
|
|
"indicator--94289efa-5479-4e6d-921e-b80df80b6851",
|
|
|
|
"indicator--e8450b2c-8774-400a-86ed-87b8139ec2bb",
|
|
|
|
"indicator--0390fae1-a058-415b-aaa0-d55b733b03f6",
|
|
|
|
"indicator--a295de62-962b-44a8-bc88-36d2d424ff80",
|
|
|
|
"indicator--3c3fc91b-58f6-404e-9fbb-5b7dfb15b6c8",
|
|
|
|
"indicator--93bfab4f-e18b-4680-8df7-c173a07d35af",
|
|
|
|
"indicator--5668c7d3-a038-4ba1-8379-f0292f046f41",
|
|
|
|
"indicator--acc07ce3-5456-4395-a39d-9504d39d57af",
|
|
|
|
"indicator--6c1e167a-4aad-4d87-8568-4c882f1ad123",
|
|
|
|
"indicator--31aa9b2a-bd4f-4008-bcd6-722c855105bd",
|
|
|
|
"indicator--6adddf98-c74f-4c43-a56d-65f8e78e2f1f",
|
|
|
|
"indicator--3d8b625f-2031-4ff5-9406-f70e169b5360",
|
|
|
|
"indicator--b31cb3ad-efa6-4850-ba5b-d7a3087d07fd",
|
|
|
|
"indicator--5d93cf53-7d66-41c8-845d-1b0d060b2282",
|
|
|
|
"indicator--1e6e4452-2784-46cb-bcf7-0447a8d7ed2c",
|
|
|
|
"indicator--40292112-f2eb-4aaa-8a49-20c005d983a8",
|
|
|
|
"indicator--9b8bc11f-1884-44a1-9ad5-2c16bdac3c35",
|
|
|
|
"indicator--7bb0b3dc-fee3-420c-904c-ec03e4c81f40",
|
|
|
|
"indicator--33e6468e-3206-4a85-aaf7-165372a63456",
|
|
|
|
"indicator--beafce05-a7d7-40ee-a47f-3c8d52eabcb7",
|
|
|
|
"indicator--746c6396-ed21-4882-be7e-eb17ae03f0d7",
|
|
|
|
"indicator--96f7c568-2e34-4106-a261-dbed93540c3e",
|
|
|
|
"indicator--1e28b824-5b04-4022-95b1-8c144a4b52cc",
|
|
|
|
"indicator--66929aea-b5af-4d24-a49f-79651375a710",
|
|
|
|
"observed-data--c31a0c71-c595-407c-b9b7-0917e4400730",
|
|
|
|
"network-traffic--c31a0c71-c595-407c-b9b7-0917e4400730",
|
|
|
|
"ipv4-addr--c31a0c71-c595-407c-b9b7-0917e4400730",
|
|
|
|
"observed-data--53c59c40-58e6-4d8c-a861-24bb8822a843",
|
|
|
|
"network-traffic--53c59c40-58e6-4d8c-a861-24bb8822a843",
|
|
|
|
"ipv4-addr--53c59c40-58e6-4d8c-a861-24bb8822a843",
|
|
|
|
"observed-data--525b0f30-8a8b-4ff9-8c3f-11c3bf8f949a",
|
|
|
|
"network-traffic--525b0f30-8a8b-4ff9-8c3f-11c3bf8f949a",
|
|
|
|
"ipv4-addr--525b0f30-8a8b-4ff9-8c3f-11c3bf8f949a",
|
|
|
|
"observed-data--7d2aaca1-c608-4680-88fb-13130c47b90c",
|
|
|
|
"network-traffic--7d2aaca1-c608-4680-88fb-13130c47b90c",
|
|
|
|
"ipv4-addr--7d2aaca1-c608-4680-88fb-13130c47b90c",
|
|
|
|
"observed-data--61d41b9d-8a99-4e5c-8671-f2b7ae7a8905",
|
|
|
|
"network-traffic--61d41b9d-8a99-4e5c-8671-f2b7ae7a8905",
|
|
|
|
"ipv4-addr--61d41b9d-8a99-4e5c-8671-f2b7ae7a8905",
|
|
|
|
"observed-data--f41f60b6-2246-4ec2-9c89-87ec9819a069",
|
|
|
|
"network-traffic--f41f60b6-2246-4ec2-9c89-87ec9819a069",
|
|
|
|
"ipv4-addr--f41f60b6-2246-4ec2-9c89-87ec9819a069",
|
|
|
|
"observed-data--f23a016b-f2bc-4a6c-90fc-e84f3ea814f4",
|
|
|
|
"network-traffic--f23a016b-f2bc-4a6c-90fc-e84f3ea814f4",
|
|
|
|
"ipv4-addr--f23a016b-f2bc-4a6c-90fc-e84f3ea814f4",
|
|
|
|
"observed-data--2ff0710f-dcd4-41e6-bc34-6bf26fca74e7",
|
|
|
|
"network-traffic--2ff0710f-dcd4-41e6-bc34-6bf26fca74e7",
|
|
|
|
"ipv4-addr--2ff0710f-dcd4-41e6-bc34-6bf26fca74e7",
|
|
|
|
"observed-data--4c61e15c-dfd9-40e3-80a1-170ef44509a0",
|
|
|
|
"network-traffic--4c61e15c-dfd9-40e3-80a1-170ef44509a0",
|
|
|
|
"ipv4-addr--4c61e15c-dfd9-40e3-80a1-170ef44509a0",
|
|
|
|
"observed-data--c0f4d74a-17db-4029-ad3f-7f77ab9fb623",
|
|
|
|
"network-traffic--c0f4d74a-17db-4029-ad3f-7f77ab9fb623",
|
|
|
|
"ipv4-addr--c0f4d74a-17db-4029-ad3f-7f77ab9fb623",
|
|
|
|
"observed-data--014f0cf0-d39c-4924-851a-e6cdcd6af8ea",
|
|
|
|
"network-traffic--014f0cf0-d39c-4924-851a-e6cdcd6af8ea",
|
|
|
|
"ipv4-addr--014f0cf0-d39c-4924-851a-e6cdcd6af8ea",
|
|
|
|
"observed-data--83fd24f0-d4c0-4867-aa23-a35257941acf",
|
|
|
|
"network-traffic--83fd24f0-d4c0-4867-aa23-a35257941acf",
|
|
|
|
"ipv4-addr--83fd24f0-d4c0-4867-aa23-a35257941acf",
|
|
|
|
"observed-data--fb286ec8-f785-4e14-bd9d-1f20a137000b",
|
|
|
|
"network-traffic--fb286ec8-f785-4e14-bd9d-1f20a137000b",
|
|
|
|
"ipv4-addr--fb286ec8-f785-4e14-bd9d-1f20a137000b"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"Threat-Report",
|
|
|
|
"misp:tool=\"MISP-STIX-Converter\"",
|
|
|
|
"misp-galaxy:tool=\"Emotet\""
|
|
|
|
],
|
|
|
|
"object_marking_refs": [
|
|
|
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--f67a92d1-945e-4e31-ad53-2a2797897973",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:15:42.000Z",
|
|
|
|
"modified": "2018-05-11T14:15:42.000Z",
|
|
|
|
"pattern": "[file:hashes.MD5 = '4802c71207f072c96eeb048bade1d59d']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:15:42Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Payload delivery"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"md5\"",
|
|
|
|
"misp:category=\"Payload delivery\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--f618b3d9-6131-43db-9d1e-cef616d8bef3",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:15:45.000Z",
|
|
|
|
"modified": "2018-05-11T14:15:45.000Z",
|
|
|
|
"pattern": "[url:value = 'http://n3rdz.com/oftHLj8LC/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:15:45Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--688733eb-f5b9-4f69-9701-169583a680e6",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:15:48.000Z",
|
|
|
|
"modified": "2018-05-11T14:15:48.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'n3rdz.com']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:15:48Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--7ac95f79-d72e-4173-8d16-9106baed9ca8",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:15:51.000Z",
|
|
|
|
"modified": "2018-05-11T14:15:51.000Z",
|
|
|
|
"pattern": "[url:value = 'http://www.fanoff.com/iLZmyz8BYAr/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:15:51Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--23551a1b-abb8-4a01-b9df-9c77423c4d1f",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:15:54.000Z",
|
|
|
|
"modified": "2018-05-11T14:15:54.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'www.fanoff.com']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:15:54Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--477d5369-1fa0-4e97-bb26-a697f3bcd279",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:15:57.000Z",
|
|
|
|
"modified": "2018-05-11T14:15:57.000Z",
|
|
|
|
"pattern": "[url:value = 'http://deist-online.de/7STybAm/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:15:57Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--2b6e3c95-6d88-4db4-a528-1f0dc6bf6360",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:16:00.000Z",
|
|
|
|
"modified": "2018-05-11T14:16:00.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'deist-online.de']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:16:00Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--4b79b330-a786-4add-8b1c-217472e1c79c",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:16:03.000Z",
|
|
|
|
"modified": "2018-05-11T14:16:03.000Z",
|
|
|
|
"pattern": "[url:value = 'http://4ushop.cz/Se1nefi/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:16:03Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--a3972426-304b-4492-baae-7aed34e70d5d",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:16:06.000Z",
|
|
|
|
"modified": "2018-05-11T14:16:06.000Z",
|
|
|
|
"pattern": "[domain-name:value = '4ushop.cz']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:16:06Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--11940f6a-939f-45ad-872c-436e1ea9886a",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:16:09.000Z",
|
|
|
|
"modified": "2018-05-11T14:16:09.000Z",
|
|
|
|
"pattern": "[url:value = 'http://triadesolucoes.com.br/xcJfsALEdHF/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:16:09Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5c0442ca-b570-4c10-8c22-fdba7ff0319c",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:16:11.000Z",
|
|
|
|
"modified": "2018-05-11T14:16:11.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'triadesolucoes.com.br']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:16:11Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5e4258d4-c6a9-4fc1-9570-bd3f579b57c1",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:16:14.000Z",
|
|
|
|
"modified": "2018-05-11T14:16:14.000Z",
|
|
|
|
"pattern": "[url:value = 'http://limitedwisdom.com/yOVlSpGAzc2hEnp/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:16:14Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--c8072a74-7d7b-49fb-98c3-7b95840bb457",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:16:17.000Z",
|
|
|
|
"modified": "2018-05-11T14:16:17.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'limitedwisdom.com']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:16:17Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--2f81d8c7-e1ef-454a-89d0-595405f7eae9",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:16:20.000Z",
|
|
|
|
"modified": "2018-05-11T14:16:20.000Z",
|
|
|
|
"pattern": "[url:value = 'http://die3t.de/0L7WojLqP/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:16:20Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--52ac89f5-ae8c-4eb4-966d-200ce5fdd62c",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:16:23.000Z",
|
|
|
|
"modified": "2018-05-11T14:16:23.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'die3t.de']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:16:23Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--f21caa5d-a755-4ae0-b6fe-93639ed9ec5e",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:16:26.000Z",
|
|
|
|
"modified": "2018-05-11T14:16:26.000Z",
|
|
|
|
"pattern": "[url:value = 'http://detonator.jp/blkoddw2GfrrH4/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:16:26Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--0a4a4180-cee8-422e-b5b4-69914ff3b5c6",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:16:29.000Z",
|
|
|
|
"modified": "2018-05-11T14:16:29.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'detonator.jp']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:16:29Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--9e13df00-628e-4b05-b098-fce3b50938a3",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:16:32.000Z",
|
|
|
|
"modified": "2018-05-11T14:16:32.000Z",
|
|
|
|
"pattern": "[url:value = 'http://delta.com.gt/css/ORlU9GY6S/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:16:32Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--e9554d8b-b00e-4d1e-b654-587a41c1abeb",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:16:35.000Z",
|
|
|
|
"modified": "2018-05-11T14:16:35.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'delta.com.gt']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:16:35Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--1b1b6692-5270-4ea5-be42-9fea930402ea",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:16:44.000Z",
|
|
|
|
"modified": "2018-05-11T14:16:44.000Z",
|
|
|
|
"pattern": "[url:value = 'http://deinc.com/VBvmYquV/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:16:44Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--707b01ed-de66-41da-9209-3057a5967a72",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:16:47.000Z",
|
|
|
|
"modified": "2018-05-11T14:16:47.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'deinc.com']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:16:47Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--e321e0d6-273b-4cdf-b162-2496ee579a80",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:16:50.000Z",
|
|
|
|
"modified": "2018-05-11T14:16:50.000Z",
|
|
|
|
"pattern": "[url:value = 'http://dds.com.mx/K9GttZDgzJjSJ/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:16:50Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--3b1b3b82-68f3-47cc-bde1-02a453e48ffb",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:16:53.000Z",
|
|
|
|
"modified": "2018-05-11T14:16:53.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'dds.com.mx']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:16:53Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--cd5652a0-3732-43e3-b232-f71c25d9fe46",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:16:56.000Z",
|
|
|
|
"modified": "2018-05-11T14:16:56.000Z",
|
|
|
|
"pattern": "[url:value = 'http://davidmaude.com/TLBBxxE5jZUij/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:16:56Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--f0ccd0d9-20e4-4b02-beeb-ba4b9a1d7070",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:16:59.000Z",
|
|
|
|
"modified": "2018-05-11T14:16:59.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'davidmaude.com']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:16:59Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--3cc6ca37-1069-4e62-81ee-f15ea4bec8ad",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:02.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:02.000Z",
|
|
|
|
"pattern": "[url:value = 'http://datos.com.tw/image/album/normal/FDD3wggXRW/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:02Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--92c8df07-fc22-4587-aee0-0e3a945274e3",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:05.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:05.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'datos.com.tw']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:05Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--7bc9520e-089c-4370-b32a-94b86d82f3da",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:08.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:08.000Z",
|
|
|
|
"pattern": "[url:value = 'http://corazonltd.jp/LpuDpB2/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:08Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--3c856e37-6b20-4611-b275-681c40c40b61",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:11.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:11.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'corazonltd.jp']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:11Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--ab562c28-79c1-43b8-a18b-7ae6b185965e",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:14.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:14.000Z",
|
|
|
|
"pattern": "[url:value = 'http://cninin.com/app/2zxBimojWmD1NNX/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:14Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--cd7e6c39-6d5b-4011-a6a2-9d846b777985",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:17.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:17.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'cninin.com']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:17Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--7b75ec6c-84ee-47a8-8709-ddc7958582dd",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:20.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:20.000Z",
|
|
|
|
"pattern": "[url:value = 'http://clickdeal.us/TXvVSYUYasoPT6/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:20Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--59915e27-36cb-4fc4-910c-25ea13134ea1",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:23.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:23.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'clickdeal.us']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:23Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--b9d44b5c-aaf7-474b-a268-9df0beb1bdf0",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:26.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:26.000Z",
|
|
|
|
"pattern": "[url:value = 'http://ccsweb.com.br/8PFNndSkq9cIsx/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:26Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--8709f76e-9eea-48d8-ae54-24adf75591ff",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:29.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:29.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'ccsweb.com.br']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:29Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--7bf57c2d-e481-4973-a80a-8d94338a7e1e",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:32.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:32.000Z",
|
|
|
|
"pattern": "[url:value = 'http://callisto.co.in/lTHSC25VDpia/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:32Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--067b091d-2ab1-4940-af4c-d80266f990af",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:35.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:35.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'callisto.co.in']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:35Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5c768682-8cc3-4e0b-8146-4addf5a67b58",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:38.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:38.000Z",
|
|
|
|
"pattern": "[url:value = 'http://bydecon.com.au/s1llOSJ4ugd9/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:38Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--38ea873e-e441-4082-a9ca-bc190c85571c",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:41.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:41.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'bydecon.com.au']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:41Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--e6dfca2c-67e1-4c6a-b809-be879fc155d7",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:44.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:44.000Z",
|
|
|
|
"pattern": "[url:value = 'http://bluemirage.com/DtQMtqnPLPxF/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:44Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--704001d9-7d05-49e0-98c2-11e092820e51",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:47.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:47.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'bluemirage.com']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:47Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--05a922f3-a289-46dc-8fd8-892e6bd472d6",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:50.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:50.000Z",
|
|
|
|
"pattern": "[url:value = 'http://bashastudio.sk/YSXRNj7/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:50Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--38068dd4-0f37-4e46-b5bb-073fb26303f9",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:53.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:53.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'bashastudio.sk']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:53Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--94289efa-5479-4e6d-921e-b80df80b6851",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:56.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:56.000Z",
|
|
|
|
"pattern": "[url:value = 'http://aptcviajar.com/gutBR9tV1yrrjTG/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:56Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--e8450b2c-8774-400a-86ed-87b8139ec2bb",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:17:59.000Z",
|
|
|
|
"modified": "2018-05-11T14:17:59.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'aptcviajar.com']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:17:59Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--0390fae1-a058-415b-aaa0-d55b733b03f6",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:01.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:01.000Z",
|
|
|
|
"pattern": "[url:value = 'http://anzo.jp/cxtpOgetcafOic/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:01Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--a295de62-962b-44a8-bc88-36d2d424ff80",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:04.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:04.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'anzo.jp']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:04Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--3c3fc91b-58f6-404e-9fbb-5b7dfb15b6c8",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:07.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:07.000Z",
|
|
|
|
"pattern": "[url:value = 'http://amfdesigner.com.br/J9XslMV9XvqHJoJ/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:07Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--93bfab4f-e18b-4680-8df7-c173a07d35af",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:09.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:09.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'amfdesigner.com.br']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:09Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5668c7d3-a038-4ba1-8379-f0292f046f41",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:12.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:12.000Z",
|
|
|
|
"pattern": "[url:value = 'http://amborzasco.it/foto/sagra2009/nKo6BtjKK/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:12Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--acc07ce3-5456-4395-a39d-9504d39d57af",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:14.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:14.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'amborzasco.it']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:14Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--6c1e167a-4aad-4d87-8568-4c882f1ad123",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:17.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:17.000Z",
|
|
|
|
"pattern": "[url:value = 'http://alpineinternet.com.au/RTwaqnBl4en9/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:17Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--31aa9b2a-bd4f-4008-bcd6-722c855105bd",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:20.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:20.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'alpineinternet.com.au']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:20Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--6adddf98-c74f-4c43-a56d-65f8e78e2f1f",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:22.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:22.000Z",
|
|
|
|
"pattern": "[url:value = 'http://algia.com.ar/4PjFc9yJ/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:22Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--3d8b625f-2031-4ff5-9406-f70e169b5360",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:25.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:25.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'algia.com.ar']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:25Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--b31cb3ad-efa6-4850-ba5b-d7a3087d07fd",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:27.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:27.000Z",
|
|
|
|
"pattern": "[url:value = 'http://aiwei-evy.cn/Fi0ZueSLN/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:27Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--5d93cf53-7d66-41c8-845d-1b0d060b2282",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:30.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:30.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'aiwei-evy.cn']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:30Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--1e6e4452-2784-46cb-bcf7-0447a8d7ed2c",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:32.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:32.000Z",
|
|
|
|
"pattern": "[url:value = 'http://airmaxx.rs/EAZX/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:32Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--40292112-f2eb-4aaa-8a49-20c005d983a8",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:35.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:35.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'airmaxx.rs']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:35Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--9b8bc11f-1884-44a1-9ad5-2c16bdac3c35",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:37.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:37.000Z",
|
|
|
|
"pattern": "[url:value = 'http://benekengineering.com/65hJ1oD/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:37Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--7bb0b3dc-fee3-420c-904c-ec03e4c81f40",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:40.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:40.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'benekengineering.com']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:40Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--33e6468e-3206-4a85-aaf7-165372a63456",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:43.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:43.000Z",
|
|
|
|
"pattern": "[url:value = 'http://5ugol.biz/2Nkke9/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:43Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--beafce05-a7d7-40ee-a47f-3c8d52eabcb7",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:45.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:45.000Z",
|
|
|
|
"pattern": "[domain-name:value = '5ugol.biz']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:45Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--746c6396-ed21-4882-be7e-eb17ae03f0d7",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:48.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:48.000Z",
|
|
|
|
"pattern": "[url:value = 'http://bigblueyonder.com/mdP6Pd/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:48Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--96f7c568-2e34-4106-a261-dbed93540c3e",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:51.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:51.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'bigblueyonder.com']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:51Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--1e28b824-5b04-4022-95b1-8c144a4b52cc",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:53.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:53.000Z",
|
|
|
|
"pattern": "[url:value = 'http://jandkonline.com/2qBrQ/']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:53Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"url\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "indicator",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "indicator--66929aea-b5af-4d24-a49f-79651375a710",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-11T14:18:56.000Z",
|
|
|
|
"modified": "2018-05-11T14:18:56.000Z",
|
|
|
|
"pattern": "[domain-name:value = 'jandkonline.com']",
|
|
|
|
"pattern_type": "stix",
|
|
|
|
"pattern_version": "2.1",
|
|
|
|
"valid_from": "2018-05-11T14:18:56Z",
|
|
|
|
"kill_chain_phases": [
|
|
|
|
{
|
|
|
|
"kill_chain_name": "misp-category",
|
|
|
|
"phase_name": "Network activity"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"hostname\"",
|
|
|
|
"misp:category=\"Network activity\"",
|
|
|
|
"misp:to_ids=\"True\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--c31a0c71-c595-407c-b9b7-0917e4400730",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-14T11:53:26.000Z",
|
|
|
|
"modified": "2018-05-14T11:53:26.000Z",
|
|
|
|
"first_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"last_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"network-traffic--c31a0c71-c595-407c-b9b7-0917e4400730",
|
|
|
|
"ipv4-addr--c31a0c71-c595-407c-b9b7-0917e4400730"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"ip-dst\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "network-traffic",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "network-traffic--c31a0c71-c595-407c-b9b7-0917e4400730",
|
|
|
|
"dst_ref": "ipv4-addr--c31a0c71-c595-407c-b9b7-0917e4400730",
|
|
|
|
"protocols": [
|
|
|
|
"tcp"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "ipv4-addr",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "ipv4-addr--c31a0c71-c595-407c-b9b7-0917e4400730",
|
|
|
|
"value": "50.37.10.78"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--53c59c40-58e6-4d8c-a861-24bb8822a843",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-14T11:53:26.000Z",
|
|
|
|
"modified": "2018-05-14T11:53:26.000Z",
|
|
|
|
"first_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"last_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"network-traffic--53c59c40-58e6-4d8c-a861-24bb8822a843",
|
|
|
|
"ipv4-addr--53c59c40-58e6-4d8c-a861-24bb8822a843"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"ip-dst\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "network-traffic",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "network-traffic--53c59c40-58e6-4d8c-a861-24bb8822a843",
|
|
|
|
"dst_ref": "ipv4-addr--53c59c40-58e6-4d8c-a861-24bb8822a843",
|
|
|
|
"protocols": [
|
|
|
|
"tcp"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "ipv4-addr",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "ipv4-addr--53c59c40-58e6-4d8c-a861-24bb8822a843",
|
|
|
|
"value": "75.128.208.218"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--525b0f30-8a8b-4ff9-8c3f-11c3bf8f949a",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-14T11:53:26.000Z",
|
|
|
|
"modified": "2018-05-14T11:53:26.000Z",
|
|
|
|
"first_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"last_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"network-traffic--525b0f30-8a8b-4ff9-8c3f-11c3bf8f949a",
|
|
|
|
"ipv4-addr--525b0f30-8a8b-4ff9-8c3f-11c3bf8f949a"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"ip-dst\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "network-traffic",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "network-traffic--525b0f30-8a8b-4ff9-8c3f-11c3bf8f949a",
|
|
|
|
"dst_ref": "ipv4-addr--525b0f30-8a8b-4ff9-8c3f-11c3bf8f949a",
|
|
|
|
"protocols": [
|
|
|
|
"tcp"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "ipv4-addr",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "ipv4-addr--525b0f30-8a8b-4ff9-8c3f-11c3bf8f949a",
|
|
|
|
"value": "70.167.17.7"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--7d2aaca1-c608-4680-88fb-13130c47b90c",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-14T11:53:26.000Z",
|
|
|
|
"modified": "2018-05-14T11:53:26.000Z",
|
|
|
|
"first_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"last_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"network-traffic--7d2aaca1-c608-4680-88fb-13130c47b90c",
|
|
|
|
"ipv4-addr--7d2aaca1-c608-4680-88fb-13130c47b90c"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"ip-dst\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "network-traffic",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "network-traffic--7d2aaca1-c608-4680-88fb-13130c47b90c",
|
|
|
|
"dst_ref": "ipv4-addr--7d2aaca1-c608-4680-88fb-13130c47b90c",
|
|
|
|
"protocols": [
|
|
|
|
"tcp"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "ipv4-addr",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "ipv4-addr--7d2aaca1-c608-4680-88fb-13130c47b90c",
|
|
|
|
"value": "65.25.17.131"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--61d41b9d-8a99-4e5c-8671-f2b7ae7a8905",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-14T11:53:26.000Z",
|
|
|
|
"modified": "2018-05-14T11:53:26.000Z",
|
|
|
|
"first_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"last_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"network-traffic--61d41b9d-8a99-4e5c-8671-f2b7ae7a8905",
|
|
|
|
"ipv4-addr--61d41b9d-8a99-4e5c-8671-f2b7ae7a8905"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"ip-dst\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "network-traffic",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "network-traffic--61d41b9d-8a99-4e5c-8671-f2b7ae7a8905",
|
|
|
|
"dst_ref": "ipv4-addr--61d41b9d-8a99-4e5c-8671-f2b7ae7a8905",
|
|
|
|
"protocols": [
|
|
|
|
"tcp"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "ipv4-addr",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "ipv4-addr--61d41b9d-8a99-4e5c-8671-f2b7ae7a8905",
|
|
|
|
"value": "173.78.254.86"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--f41f60b6-2246-4ec2-9c89-87ec9819a069",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-14T11:53:26.000Z",
|
|
|
|
"modified": "2018-05-14T11:53:26.000Z",
|
|
|
|
"first_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"last_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"network-traffic--f41f60b6-2246-4ec2-9c89-87ec9819a069",
|
|
|
|
"ipv4-addr--f41f60b6-2246-4ec2-9c89-87ec9819a069"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"ip-dst\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "network-traffic",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "network-traffic--f41f60b6-2246-4ec2-9c89-87ec9819a069",
|
|
|
|
"dst_ref": "ipv4-addr--f41f60b6-2246-4ec2-9c89-87ec9819a069",
|
|
|
|
"protocols": [
|
|
|
|
"tcp"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "ipv4-addr",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "ipv4-addr--f41f60b6-2246-4ec2-9c89-87ec9819a069",
|
|
|
|
"value": "105.228.39.7"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--f23a016b-f2bc-4a6c-90fc-e84f3ea814f4",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-14T11:53:26.000Z",
|
|
|
|
"modified": "2018-05-14T11:53:26.000Z",
|
|
|
|
"first_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"last_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"network-traffic--f23a016b-f2bc-4a6c-90fc-e84f3ea814f4",
|
|
|
|
"ipv4-addr--f23a016b-f2bc-4a6c-90fc-e84f3ea814f4"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"ip-dst\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "network-traffic",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "network-traffic--f23a016b-f2bc-4a6c-90fc-e84f3ea814f4",
|
|
|
|
"dst_ref": "ipv4-addr--f23a016b-f2bc-4a6c-90fc-e84f3ea814f4",
|
|
|
|
"protocols": [
|
|
|
|
"tcp"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "ipv4-addr",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "ipv4-addr--f23a016b-f2bc-4a6c-90fc-e84f3ea814f4",
|
|
|
|
"value": "119.18.8.51"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--2ff0710f-dcd4-41e6-bc34-6bf26fca74e7",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-14T11:53:26.000Z",
|
|
|
|
"modified": "2018-05-14T11:53:26.000Z",
|
|
|
|
"first_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"last_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"network-traffic--2ff0710f-dcd4-41e6-bc34-6bf26fca74e7",
|
|
|
|
"ipv4-addr--2ff0710f-dcd4-41e6-bc34-6bf26fca74e7"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"ip-dst\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "network-traffic",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "network-traffic--2ff0710f-dcd4-41e6-bc34-6bf26fca74e7",
|
|
|
|
"dst_ref": "ipv4-addr--2ff0710f-dcd4-41e6-bc34-6bf26fca74e7",
|
|
|
|
"protocols": [
|
|
|
|
"tcp"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "ipv4-addr",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "ipv4-addr--2ff0710f-dcd4-41e6-bc34-6bf26fca74e7",
|
|
|
|
"value": "86.209.63.32"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--4c61e15c-dfd9-40e3-80a1-170ef44509a0",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-14T11:53:26.000Z",
|
|
|
|
"modified": "2018-05-14T11:53:26.000Z",
|
|
|
|
"first_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"last_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"network-traffic--4c61e15c-dfd9-40e3-80a1-170ef44509a0",
|
|
|
|
"ipv4-addr--4c61e15c-dfd9-40e3-80a1-170ef44509a0"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"ip-dst\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "network-traffic",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "network-traffic--4c61e15c-dfd9-40e3-80a1-170ef44509a0",
|
|
|
|
"dst_ref": "ipv4-addr--4c61e15c-dfd9-40e3-80a1-170ef44509a0",
|
|
|
|
"protocols": [
|
|
|
|
"tcp"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "ipv4-addr",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "ipv4-addr--4c61e15c-dfd9-40e3-80a1-170ef44509a0",
|
|
|
|
"value": "179.52.46.11"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--c0f4d74a-17db-4029-ad3f-7f77ab9fb623",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-14T11:53:26.000Z",
|
|
|
|
"modified": "2018-05-14T11:53:26.000Z",
|
|
|
|
"first_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"last_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"network-traffic--c0f4d74a-17db-4029-ad3f-7f77ab9fb623",
|
|
|
|
"ipv4-addr--c0f4d74a-17db-4029-ad3f-7f77ab9fb623"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"ip-dst\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "network-traffic",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "network-traffic--c0f4d74a-17db-4029-ad3f-7f77ab9fb623",
|
|
|
|
"dst_ref": "ipv4-addr--c0f4d74a-17db-4029-ad3f-7f77ab9fb623",
|
|
|
|
"protocols": [
|
|
|
|
"tcp"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "ipv4-addr",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "ipv4-addr--c0f4d74a-17db-4029-ad3f-7f77ab9fb623",
|
|
|
|
"value": "192.227.112.57"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--014f0cf0-d39c-4924-851a-e6cdcd6af8ea",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-14T11:53:26.000Z",
|
|
|
|
"modified": "2018-05-14T11:53:26.000Z",
|
|
|
|
"first_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"last_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"network-traffic--014f0cf0-d39c-4924-851a-e6cdcd6af8ea",
|
|
|
|
"ipv4-addr--014f0cf0-d39c-4924-851a-e6cdcd6af8ea"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"ip-dst\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "network-traffic",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "network-traffic--014f0cf0-d39c-4924-851a-e6cdcd6af8ea",
|
|
|
|
"dst_ref": "ipv4-addr--014f0cf0-d39c-4924-851a-e6cdcd6af8ea",
|
|
|
|
"protocols": [
|
|
|
|
"tcp"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "ipv4-addr",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "ipv4-addr--014f0cf0-d39c-4924-851a-e6cdcd6af8ea",
|
|
|
|
"value": "70.183.98.85"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--83fd24f0-d4c0-4867-aa23-a35257941acf",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-14T11:53:26.000Z",
|
|
|
|
"modified": "2018-05-14T11:53:26.000Z",
|
|
|
|
"first_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"last_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"network-traffic--83fd24f0-d4c0-4867-aa23-a35257941acf",
|
|
|
|
"ipv4-addr--83fd24f0-d4c0-4867-aa23-a35257941acf"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"ip-dst\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "network-traffic",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "network-traffic--83fd24f0-d4c0-4867-aa23-a35257941acf",
|
|
|
|
"dst_ref": "ipv4-addr--83fd24f0-d4c0-4867-aa23-a35257941acf",
|
|
|
|
"protocols": [
|
|
|
|
"tcp"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "ipv4-addr",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "ipv4-addr--83fd24f0-d4c0-4867-aa23-a35257941acf",
|
|
|
|
"value": "69.129.91.38"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "observed-data",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "observed-data--fb286ec8-f785-4e14-bd9d-1f20a137000b",
|
|
|
|
"created_by_ref": "identity--5a68c02d-959c-4c8a-a571-0dcac0a8060a",
|
|
|
|
"created": "2018-05-14T11:53:26.000Z",
|
|
|
|
"modified": "2018-05-14T11:53:26.000Z",
|
|
|
|
"first_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"last_observed": "2018-05-14T11:53:26Z",
|
|
|
|
"number_observed": 1,
|
|
|
|
"object_refs": [
|
|
|
|
"network-traffic--fb286ec8-f785-4e14-bd9d-1f20a137000b",
|
|
|
|
"ipv4-addr--fb286ec8-f785-4e14-bd9d-1f20a137000b"
|
|
|
|
],
|
|
|
|
"labels": [
|
|
|
|
"misp:type=\"ip-dst\"",
|
|
|
|
"misp:category=\"Network activity\""
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "network-traffic",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "network-traffic--fb286ec8-f785-4e14-bd9d-1f20a137000b",
|
|
|
|
"dst_ref": "ipv4-addr--fb286ec8-f785-4e14-bd9d-1f20a137000b",
|
|
|
|
"protocols": [
|
|
|
|
"tcp"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "ipv4-addr",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "ipv4-addr--fb286ec8-f785-4e14-bd9d-1f20a137000b",
|
|
|
|
"value": "82.211.30.202"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"type": "marking-definition",
|
|
|
|
"spec_version": "2.1",
|
|
|
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
|
|
|
"created": "2017-01-20T00:00:00.000Z",
|
|
|
|
"definition_type": "tlp",
|
|
|
|
"name": "TLP:WHITE",
|
|
|
|
"definition": {
|
|
|
|
"tlp": "white"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
]
|
|
|
|
}
|