misp-circl-feed/feeds/circl/misp/56e986fb-08c0-442c-a3f3-5390950d210f.json


{
"type": "bundle",
"id": "bundle--56e986fb-08c0-442c-a3f3-5390950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:35:01.000Z",
"modified": "2016-03-16T16:35:01.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--56e986fb-08c0-442c-a3f3-5390950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:35:01.000Z",
"modified": "2016-03-16T16:35:01.000Z",
"name": "Locky (2016-03-16)",
"published": "2016-03-17T06:53:20Z",
"object_refs": [
"indicator--56e98728-8538-4d7d-b231-4583950d210f",
"indicator--56e98728-4d68-4b3f-9657-4080950d210f",
"indicator--56e98728-9e78-4013-8d26-430d950d210f",
"indicator--56e98729-8e74-4189-b118-4f3d950d210f",
"indicator--56e98729-6364-41e5-80cd-4ed6950d210f",
"indicator--56e98729-f1f8-4ca9-bccf-4f78950d210f",
"indicator--56e98768-3810-41b4-bee1-43c9950d210f",
"indicator--56e98769-231c-4f65-9c72-4e08950d210f",
"indicator--56e9876a-4660-4501-b6c4-4d94950d210f",
"indicator--56e98780-670c-4e4c-912d-5ef5950d210f",
"indicator--56e98780-70c4-4a3e-a99e-5ef5950d210f",
"indicator--56e98780-d750-4c48-bb14-5ef5950d210f",
"indicator--56e98780-4ba0-4e64-9aa1-5ef5950d210f",
"indicator--56e98781-57e0-40fc-8453-5ef5950d210f",
"indicator--56e98781-44ec-41f4-bf2a-5ef5950d210f",
"indicator--56e98934-8ca0-4735-8ca2-5f29950d210f",
"indicator--56e98934-4e00-49b3-a1f3-5f29950d210f",
"indicator--56e98935-f478-4bd1-bdb0-5f29950d210f",
"indicator--56e98935-0668-4b69-8ec8-5f29950d210f",
"indicator--56e98936-db84-4fb1-ac83-5f29950d210f",
"indicator--56e98937-f24c-42ee-969c-5f29950d210f",
"indicator--56e989cb-2480-4759-aa7f-4e98950d210f",
"indicator--56e989cc-2e60-4324-aac3-4b34950d210f",
"indicator--56e989cc-8b78-4cbe-8ee9-42b7950d210f",
"indicator--56e989cd-1028-4ada-a6df-41a0950d210f",
"indicator--56e989ce-2008-4750-99c0-48ff950d210f",
"indicator--56e989ce-24f0-464a-9f31-4044950d210f",
"observed-data--56e98b35-d00c-4c0a-bd38-5ef502de0b81",
"url--56e98b35-d00c-4c0a-bd38-5ef502de0b81",
"observed-data--56e98b35-7ce4-40d9-b8e5-5ef502de0b81",
"url--56e98b35-7ce4-40d9-b8e5-5ef502de0b81",
"observed-data--56e98b36-e034-4f29-aee7-5ef502de0b81",
"url--56e98b36-e034-4f29-aee7-5ef502de0b81",
"observed-data--56e98b36-b20c-494a-935d-5ef502de0b81",
"url--56e98b36-b20c-494a-935d-5ef502de0b81",
"indicator--56e98a0c-5938-4997-b8d1-4b2f950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"malware_classification:malware-category=\"Ransomware\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98728-8538-4d7d-b231-4583950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:17:44.000Z",
"modified": "2016-03-16T16:17:44.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://vikasartsjodhpur.com/v4v5g45hg.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:17:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98728-4d68-4b3f-9657-4080950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:17:44.000Z",
"modified": "2016-03-16T16:17:44.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'vikasartsjodhpur.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:17:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98728-9e78-4013-8d26-430d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:17:44.000Z",
"modified": "2016-03-16T16:17:44.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '199.168.188.178']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:17:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98729-8e74-4189-b118-4f3d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:17:45.000Z",
"modified": "2016-03-16T16:17:45.000Z",
"description": "Download location",
"pattern": "[url:value = 'http://webmail.p55.be/v4v5g45hg.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:17:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98729-6364-41e5-80cd-4ed6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:17:45.000Z",
"modified": "2016-03-16T16:17:45.000Z",
"description": "Download location",
"pattern": "[domain-name:value = 'webmail.p55.be']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:17:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98729-f1f8-4ca9-bccf-4f78950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:17:45.000Z",
"modified": "2016-03-16T16:17:45.000Z",
"description": "Download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.182.63.62']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:17:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98768-3810-41b4-bee1-43c9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:18:48.000Z",
"modified": "2016-03-16T16:18:48.000Z",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAFiCcEhir3O6t9QBAADgAgAgABwAYjFhMTU4MTEyYjUxMGQ0YTYwMGVhM2NjY2VhZTBkYzVVVAkAA2iH6VZoh+lWdXgLAAEEIQAAAAQhAAAACneRG4dN+dyUf7X3ekZWUDwK55R3/sHRf3HwIy5Wb7sg14m8/iyEJSMEZL4F/tmx4K6iTg7z9kNxK5DcCXjsH0tfmeVsugeaJqwW0TXivM3j0bGTc2R6b25ICiZ7qPm0jOAPb6+hWIh2FMTIFgwUdNhjbzuFCco+r7jUuHwb9ezBVS6mq5pV1tVZSdmOZ8C7/hnyi14uFvjfnNtTKywQ2/j/PZE+6qH9g04f0GzAtdYv/2Utcw8kck2yIKV0NCw4jIgLMzYpoSOeuBo/sHVXRGdNgQPcED9HlDejCJKmloalRWjkmaiUTVEFxWPoUzFkbpYQnGYJxcGeD5IErjohOb275rWOcncpk/uoNTjtFRb0++5TM2Dnl5MSbdhO9KHn1u+Gt6w0q2oO1x9Dwfr8z6xytt1e3IsQY2AyvSUJg+rHySPdZALYsQmbZSlDX0loV4A7u5R2TcqtabZKmXJ33mIiptVEJBr/mRlWbYDl3fJV3YStth9ZIoxd8VJKL9hmZMThPOHPopRMaQFqeGNmSqAg/tChML4kRS6/mTVYyjtEfDfjizWZHNvLFdPIlEttG8cNYYrtRmvQUd3KK8r9a4sgzzzHhqbg3ZY6fqaV+rIOG/EIV1CuVmBFBMHu45XRZCz7xp7VuOO1iF7oJok5qN/f8klC2FFcGVZAdwM1O6gRcQXWzh+tHNaDEg6abDGSvUcZGAs5ABtpY2qcKDecWFiqGjA3BlVUpg7Z1cTxbHFXHmfTECY7cNulsfgp4QXFBqBPBDLjru1h6rFPtejQ7TZdXuBmJZVg13Ujx82jtBXBLfnIYP0LhLT0B6vuwCdW+ZCRsRgsrX5GT58u4m2TeJvPA1KX4Zw1moW97E+sGOg2OVzlAwMj6ItYdSL7rFhorZaI9cvR8x2sytzRWwLv4gQON2dGr447xWjzRnbEFB7JDvvDCWawWIiQ5QzPwiwnFuLOQdRMJLLbrq0UfHbdUxFL3XFt1IFQTrar5rM26WL7aEY+lccw/RAELdf8TkvGUhptWKdTV2yD2RG746qt02XOsLBcpbTztosKmII0FTrn6lOq2PJicEivKkh5nYvYgckepB/HNWaIxML7/By6KpsBtxh16p2Gb5bSXF1ANwAFzImsxukAtt4E1GLfJRdDVuMAgew3xwvZkxXhV4UgmxaeNsFy6p7sfDbj8mDR0TFMWC/s5q4DgIP91eD3cgYWdMAUJ2p6tyrmr02NZS09fnuG/ZhVxBerg1asLHnUNkWj8qGWhUa2c07OAQ/+MhVUFWmZ8QrmfvdTPwsTCZDysscpKdkGEaJ8u7KoEkPtX31V/0SHqMDjwaGtH8a3v3/jb0LSiZeh5A5ceyDrvleufz18piYwMPnCYDoVhjaQ3CeD86yVWdGOUD82oGCC3+wAaiCTGGam6OUK3y1Q6/1qzly1cSXi/gzNGzd56+JO0OHcI8fxj+YHbsi2f0FM48nQhef8VAhABnmmW7VLOdCt14BWuuY95OmNiIAbPOkIuQGbNihEdXZ0zJjyLDFTsiF8Q+n0OfCbI6J80PjJ12h2H007RgEJjYk+nKxwUrqPJC7HtL3xrtAOdak8mWdaPQjatxTt0gW+AGcl35qHMN0QnAqBhqV/lW667zhTCCkBJyOIQP4G17K4kxNP3vPqP2THlR1x2R3MiR0yXLR0xJ1nqe5wsI/sCfaRUItREvbB/A2BuHBxTuZRfuuiGTAEJRZNw/+b5fCttSxolqOCUIpaUtmkk96fpor79APEWA04UxUEhTXecGrtGa5VS5Ml87qFGuag7b062gczGAzxX8CGuoD3ZZ+7UV90TQ5fYvvtb/+
Tb791HJUr9z++9Z/pvLiK6a1hWeideUrjBDUEPV1AbqEC3ctcYgzrxWa+VCiCGy32Jt1nsazf11WQQBLMC3OZvxyGEvOG2pPmiOiHxEowugaSQoPyCy82QAafP8TE9dN1gSq2RHYTTLlKUk3aBB2XE8FdtKMHwu6NfqAXKCG/mJtPynGTIyNAhcQ/jnzFcMGOGo/15SNEofNrfEASaX6zEhDsTU6SHTJUnw1QoSTRrqfWYjbQaVMcap6C2pXUKV9s0SWT+Ndm20f95AkTPTcnKlUPilmX2TLvh0Ilto2xX90teNGaZZwxrlLBZUaaZAM9lJosZdN/HHDOM/LX46A3a0vARcexIIyHSvunuMcmTu8jDGf3pcrswyZhPzDUFlX8Si6O8orSZ5gqLFwt/86099U2yts7ggK2oCuCsm/uxs+jQViPi9gFfaQULwGKO598GTXH0CjV3/oGPiBJ//w7ZWB1pT3SB/PDfJerF1BKlYBITRFWBONPEBwmUvVmAzzUZhg68oQWkc/7pPwo/rrdZARoFUrg8WE4sGjdjfrYoj2gAN+pm32LmJVJHHLZt7/6q0rY9cGSBv4dt9L7LGB779ehDroD50xvwunwm0yaiAd5gMlYm0zgpj3HO5f6LSx+DT2tJR8wr6tFKMszLlcofEL1+1ekcv/G2g6jagzv+nXLikRJvYxjh7++X4WF88APmU6ua7A+32/+RoWqzPqf55mzIEviIfDvRCZBfS/i1O5C/VvgmUGH3O9apnkAV6nz0IDccSvIki62k97qDJfapci8Sbzg9iOLCnrLwyKva73tqkHnAvNB0qbxySTAoQqfXSTWTyCs2wY/xn63bSzpm4nzByZfr0L8Mk7mprQFHemRYpooH6EJrT7N2Fee/+WmtjCGPxcm+eqzQfArqmlc3raJorGP/YIyWI2WWyIAXZYuYEm4zJ9ToGvSZ60LxWstOTJf3HuuWzpknx83+sa9mz8Qk1JDKkFEG9PCD1KM7o6+JDpva/FIMn7NlJ2iY8AQpc7C6b4OUKnzTY0qv1HDAKlhL0Cyv/tljxVwlWdkJjIRwM1N0rlxEXzsk6wEw+6uZzir+YTmMg6xRd1ddFHWvjUqjQ28PtXP6cqrxf/sLk285q9QbPVb10/+6TuvBjv8qu7E2NiVpyGOsfgRFpO9m7ACDOQV3ExtVJzC8oUCPxIUmb1eAMQLHRCFMNJJF+pXBBScYOqmlCoj/WpdF7di/tR10Z2PWJZ4pyXSXO4nsT4cq8/p8mcd7q8PHdI4mvjmXSu1qYUOLDWDtWf++L2dWsBY/Y9/k08gG768orTCksWa6lzJgO4GJq1xJQJ8lG84FFXxODIwFhS1xMpY19wwU24i40rvRcaqcEpj8DgGXjL0piYr8pKJOXdnLy/0CCq2vGeVGL/XoRnaAqFuipoUMRTlEhNrmMXmle8cLFzs9ExT0CXDGLm/e8u8t0+NVKPMIztmq/poDEUFbh2d7MryIGeahu7D76BG4FmflRFxB7SkGr4zj7u1p4SDvlvYn4/vUpLNnmF721jQQUK63quvJKndl0mHa4EYqE3K4bezAwRrrY5KVPrMczaBJgVBeUuMwC+CXS9UWFTT4MblsbaUh+0ecfl2kJGnLP0kwg78QHYXT/SSdWMea6+jk7hsjdoHWDpBD4KuIt1GC2Fno9+7rTGN4UA3YziIAyu4CrQpfIOuCQ3Mf/L/rS9FIZocde/4GTn8VrZp96Orh3ul9z76Tegn3rGrzWMobLQgHLur8ICCyC5GmOWT3gO5v8v4vRxxmyh/LLS2M/gBBkVuLpNAAnRx585trkKykdselRPM9Y8W0jF1Es+0kFSnuyF9tJQHkalUW5Mp5NWEM8mPQcwH2TLDSFN983XGSI4xVDb8e1D4+imelg+7BRoObJ9lIcG99MvK9lIq3MYg35Dt3BEiHYGw8A6a4+3y1Rm5k95P7ewiyMIzyVfh/2vjHe+usmvhLy7bvIzx5fwLHKU
AlNmXbwazMY64CFCo+EV/A7vNevo7v77+Lq3OTYeh+DszhR9TPR3ItT165ysUe7xvMHyXalqqBcvsCaN+Bi
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:18:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98769-231c-4f65-9c72-4e08950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:18:49.000Z",
"modified": "2016-03-16T16:18:49.000Z",
"pattern": "[file:name = 'v4v5g45hg.exe' AND file:hashes.SHA1 = '5095698ad284ae0054e58c8e8dabc6c4e121a48d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:18:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e9876a-4660-4501-b6c4-4d94950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:18:50.000Z",
"modified": "2016-03-16T16:18:50.000Z",
"pattern": "[file:name = 'v4v5g45hg.exe' AND file:hashes.SHA256 = 'c001fccbb274a2e8fda7f394ed5834c7841760ccd886e07046b1de545b2c36a0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:18:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98780-670c-4e4c-912d-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:19:12.000Z",
"modified": "2016-03-16T16:19:12.000Z",
"description": "C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.64.154.114']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:19:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98780-70c4-4a3e-a99e-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:19:12.000Z",
"modified": "2016-03-16T16:19:12.000Z",
"description": "C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '149.202.109.205']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:19:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98780-d750-4c48-bb14-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:19:12.000Z",
"modified": "2016-03-16T16:19:12.000Z",
"description": "C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '51.254.181.122']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:19:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98780-4ba0-4e64-9aa1-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:19:12.000Z",
"modified": "2016-03-16T16:19:12.000Z",
"description": "C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.40.108.39']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:19:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98781-57e0-40fc-8453-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:19:13.000Z",
"modified": "2016-03-16T16:19:13.000Z",
"description": "C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.127.231.116']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:19:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98781-44ec-41f4-bf2a-5ef5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:19:13.000Z",
"modified": "2016-03-16T16:19:13.000Z",
"description": "C&C",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.195.12.187']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:19:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98934-8ca0-4735-8ca2-5f29950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:26:28.000Z",
"modified": "2016-03-16T16:26:28.000Z",
"pattern": "[file:content_ref.payload_bin = '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
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:26:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98934-4e00-49b3-a1f3-5f29950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:26:28.000Z",
"modified": "2016-03-16T16:26:28.000Z",
"pattern": "[file:name = 'Document1.zip' AND file:hashes.SHA1 = 'da9240ae9ff33a66b4c167c2779bd240cbb3eab7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:26:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98935-f478-4bd1-bdb0-5f29950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:26:29.000Z",
"modified": "2016-03-16T16:26:29.000Z",
"pattern": "[file:name = 'Document1.zip' AND file:hashes.SHA256 = '8ad4deb4ed65d4eec7ac22e93b34f9c460dc788ce9d99d55e4643a75ff6814aa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:26:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98935-0668-4b69-8ec8-5f29950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:26:29.000Z",
"modified": "2016-03-16T16:26:29.000Z",
"pattern": "[file:content_ref.payload_bin = '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
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:26:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98936-db84-4fb1-ac83-5f29950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:26:30.000Z",
"modified": "2016-03-16T16:26:30.000Z",
"pattern": "[file:name = 'Document2.zip' AND file:hashes.SHA1 = 'f64034f1e193736e1d94e4692b7b09f7206acbda']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:26:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98937-f24c-42ee-969c-5f29950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:26:31.000Z",
"modified": "2016-03-16T16:26:31.000Z",
"pattern": "[file:name = 'Document2.zip' AND file:hashes.SHA256 = 'd2b084f9506c40578216df8ed3527d0244d9a202e5c1b1986981e77eb682f60e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:26:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e989cb-2480-4759-aa7f-4e98950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:28:59.000Z",
"modified": "2016-03-16T16:28:59.000Z",
"pattern": "[file:content_ref.payload_bin = 'UEsDBBQACQAIAKCDcEiIdVp0IgwAAOMaAAAgABwAOTQwOWQ1NGNmNGNjMTBmMjBjYWEzZWVkNDFhNzVhNTFVVAkAA8uJ6VbLielWdXgLAAEEIQAAAAQhAAAAzwya+qneGpjh7RZDpGpHpgFg/2ZxsfQJ5JNlJwh7OWt+dgcIJ78PRsb5m47b3MU+LU+hltRe3u1x91GsdBZJ29p/S55YfFEb0npR+JR8mle6pvOmbVte47dLzeT0soERTuTybvkDb/DSZUdkfYCXXW+Iuk1jPJwmsDB6AEUNskQYvC8QwaMXsEkYGEcDuQAuLNp4E1H/Iaxo+tehnRzsxMhBFzHg/2lO5op1+a7ZJCOeVyvUug/B+BJwzu7nqk4wVt4JYNRkRKN/xg86bd8E/nc+aQH3cD9YYSMzQ1FJvB4L6/1iHYf769+D4u93QjWkMJdVKMpKXIOR7oHFjZF8P1hYyXTPKrie0SnPvBMEyvN8RTXS1tXPEjhNWzLNzBDEFm+PzvoS3ASmCEpUBiB138fnLTiiqAz1iKeqQXOBj2+rOO3zBUz9YruOo7+GWYdlAzZ8mK3ip5cMyeBNr0Zi7jZoRXww0VpFt+mC48tncpUnjOCczDsnSx8FdvGi9ZHGprEm1wffQshK32U0EiG8SrE1TANQnf2Mu1oPG/S3XEGYlWV8n9fcSSf1VfYKo+OByaqopT3cFZCKRU2k7/zKQwzZCHSmLDDoH5Qwi5k0Q0+0YOSPldgN6CJyETu0gxptCrTXR3uFVXcVVLmi5MpPW1QhTILEqLNyh6k/rUaz1uR9+MnB84sgHjVsBAbIqFRxYN9pclYd2U0HIm/Gohy9waX9yxhu5jzdxiXyn1eQSI9E662Jm0MDEZ3VL+o2YaNT7lG+0r+YyGkT1u8+eF48HSiG88kg+/lTA4CbSdWF5CUIAg5sYyLnRlgHBsxNShXtnW454fne2JL8g0jyeY9xaS9pVuNI5jRxgXKuM5HGaaZCHUO6t/k0nKPr8h20B/SoBxH4ESKneElBfhJ/PUx40etf3o+Jq0eDYkOO+6dZtv5ofIC0MxgaqHNGm2qEbVFfoOd6tQoODvc4NCKdoZKxAsImQu4m4te4kP2C6A5CqmSzdj3dgpesooHtZl8c+yVAVgthLnXfH+z4IcSEOi92pyLVwNZr87M38UaXs2tFnHlqIpqXLaXRzlFdYI+ictGTJOBOkG1gUhi4uRKsUWnJTT5HrQvfaWz1rE3t4/QX2zwY6uo5azVMAt1nvpelFlxdju37D2OkMi0iKXPRJqAs2/ElbR2i6Lb5A5g9f91gZH1ZOniwM9xy9od99FacYEhWKxeAq6bhp7PqY/TdZuF1cQjcPBM48/lUUqGrsToTEuBlT6JFl7H/MkEVW87IvJk3pAW9b7IoMg1SkwHGhmbLU0jZoMDH9j+FiOQGAkeyGgM1mr2wqbspeMcWoaEBD/13TfjWPciqYXnweLbxmjkUBbJ5SdNIGneIVE9RmUpmvl75BUZo5MTr8tn7kLUxt1ymmkpVwhnw+ktWfq4cEyNPJsdwvgFMxzuW1AVNE+hdwYvnIIYjPIPEIb23AGm0uIU+IDSnVTcxZlLBby+BtSKrjUPZ0h0VdFM6r0DMYpM2PRDNrMszXayD6LX05BwoaPk6lvyksBX2VKoT/t/ozPRqV0Ul/LUZvGgVHCCC6ojkH1+uJqblFMLEThMYw4rb/F3q3OGpMibOCt/yawaj9xUgxjgjXG45lam3+B8ni0pCB/uGuv3RYya4AeuQhVLYQDC4XBbaRCzpnc8M5UVvv63deFAiyAUgG6wVWmAIVgChW/Ozn7hVnn3SfMxNEq6mOfk2Ey78IZqxEwPLPzqJ2f0x3CP2NqCjt2Xej/Gy6ag7UFbtx7EmRfsZhZRrbU1ojNnnzSefr0endR2sVptZyS9Qj6ZSGzP60xU2cHxo8yI3m2f
hgxblrr/JAopzJbfOQKq/vfithgadHbXBEOIvCqTdkgYC0RCBhOI0+X79nWr+zUmJMT+aez2NxHExJtsTJaTnV//Zf6Mt59ZgW56oRGuU/aIwAmrijEoE7AK1aA9eDPW1SiCHzihFyoYbOmsLgLTxqqNIW4LLe4aVvYCvsr7120O7fPUg4RmQXIN1yCSK7eoYmHb5EnXk6UIy2thBF719b+fHCmov7+/QbWByo0ap86qZw/FjxTBXQRuiDw4yq62gEHb28dE7YkXY9C4dzmW7n+x5J/nUwj5LeJtX0dTjAlMZzxikavDYcIRUwpHc0LZG/UXdANlsqdd7rB904N3S18jq6Vu5f6wIFZOVjrJi81CNJSQnPxufGkAuNUgs7oOMJe6RQLQ+zkdLQO2djGIf5nUpBLTM2M6SN87y2WOprKG3KpuDbm9/mHkE1FF2THX0qo5CuOxA+fqaeiymAR/w2udQuDfYSH8QYd8kJFKKKIFwIyaWOllOaxPAEGVpitja9hQow2xwU4g626dJXbuiwJJR1/tSD7B4BIoEoh6EHYtp0oZYEvygkMCEOzksVtJ5uW5kINYFECAXBpPsBdoATH99kShGT+myvDgu1TQfMcXS0lxZtuOlvTlcImIjair+acYAMou6uCm9ef/NYnv/pCzpSmRw8Sife3WrqQQhI6QUS7Cy8UwmZJyALeEMt8MiUQ8rsc2pXl92uPnR8IZYcv9UIrQrqhSHKA8y+j+p/zFl4FPj3eHvOZzInlizKWgPZR5g4w7f/Do4S2hZjWCG+FecsmP4jO7l5eXnMzed/1OrwivVFUExYxvYjhz/M9OvD2pYyLldbfntJaPHzk/MI3hQnlfbvMoy84RgNqB+i2tL1wOaow6VxYqiOhHCXgNGkJSUkXZlrJLNQGk2zzlp0Dzvyebq4ONVRbix6nrhYMGAUGvmhFIqDTsTxGmBQIpW27iP1jzaki+RWAuye5TILC4qTl+9/1KqOZIR4viE8IOpFHsPKTZhqw4g5xPHVfkAjIOWCuD2n7UPOpsb+9Lfmz+BOgS8udU93DQNJeh0kUvbUWp/vlQgvj7+25tzT31px6Ca4Cm2nLDRYEO0vEufmziOTnYAgYktP1BQDJ+Ua7Nh0SPM2rpxtmRug0vLDQH4hrQIUvpm+syXCAQG4TUziY/XvE8qiKtxnfdwHiI+IBkJKe0nlXAV2wzvfUNQQFkmhjihWhRarq/qdyN7zqEBxAsdfuZxTbMItRSpdDR811r+vULtnr0qdNopXcs3Y8B1zSdd5EGeXLWKLSezvikZT6SllpZAEPzjb7LPexc35kU7dq9XuUXq81A0O4iZXagvJCOb1tb2ATfGq6eMq+VOtdHIkyOGMNPVj83QPGFDFVsS+61KkG/VF+oQs1mHpsfYHZVLKbnzPMUEGpO3BuWBWRBD1v5y/yahXIrpKHVMTHFt/JBeOQJVVPr6QZPku830rjujqQj3g+K20Zg11PaMRTiaNskvOCxWmifSEoA6BxQ6v5vzvS8Yg2HVpz5vb1DPkVjoQ4tgV6MlbgU1SrUzzoqzZw1B4p0VfQkgoCQ6COHASviVnTpzFrk6FmyLkhiUL8XaimVn62uUe/MYtju7fQUj8eMxvMry3k8QXqknSHTmroTM53U71/PuGE9WwTMYFsskb7Jwd0ZFo1R85wZJcwhhynatkiJVc3zCxDnx4uLWPqI1RFi5smUlC+2ALYfir5ihncUE/itbsckiQqmI7lPGTBIPy76GepPmhbxt6Bc33Q0J2U+JR/Tpb0d5Kb8lK/ySVCWJSTA3MGYhA+Pn2xEqCR3QMbRVMPxIBwtRt4kgkQahNISNCSmjbOJWBeEJLglz5gyi+XhDRtC7HbG5YTMlBJurr1VcWFe7ZYrSQbKC5zdPQqEGrgkPG/wPvj8uexpfYSrUBUor2WyUrrj7u4TKBRzzqVR5RNajZdDg99eQEEY1pefFbb0vWE7AKBdKEZgVnTV6V6+GCy0
murufgOX53DIPKctkUlxMvdyz2JHmXAu6QK+ms9OMR2ZL9O0Xm7q9jprIK4UFNBmRqEu2tUqXZusqLk17NU
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:28:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e989cc-2e60-4324-aac3-4b34950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:29:00.000Z",
"modified": "2016-03-16T16:29:00.000Z",
"pattern": "[file:name = 'IIJ1622218809.js' AND file:hashes.SHA1 = '5e6c1df6ce5f84971e7e1626bc1424fdb0572639']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:29:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e989cc-8b78-4cbe-8ee9-42b7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:29:00.000Z",
"modified": "2016-03-16T16:29:00.000Z",
"pattern": "[file:name = 'IIJ1622218809.js' AND file:hashes.SHA256 = '5de60dabe199d2071fd497cf3cc5ddc805ff761eb0075f85fcf1e59f8638484d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:29:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e989cd-1028-4ada-a6df-41a0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:29:01.000Z",
"modified": "2016-03-16T16:29:01.000Z",
"pattern": "[file:content_ref.payload_bin = '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
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:29:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"malware-sample\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e989ce-2008-4750-99c0-48ff950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:29:01.000Z",
"modified": "2016-03-16T16:29:01.000Z",
"pattern": "[file:name = 'UYL7629778206.js' AND file:hashes.SHA1 = '70ce78bf69fb222b4c1f77518abf98c9cace1599']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:29:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e989ce-24f0-464a-9f31-4044950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:29:02.000Z",
"modified": "2016-03-16T16:29:02.000Z",
"pattern": "[file:name = 'UYL7629778206.js' AND file:hashes.SHA256 = 'a839470b66af945500d0e0d1348f613fd47170760c6af0204ad8aec8e34e831f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:29:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e98b35-d00c-4c0a-bd38-5ef502de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:35:01.000Z",
"modified": "2016-03-16T16:35:01.000Z",
"first_observed": "2016-03-16T16:35:01Z",
"last_observed": "2016-03-16T16:35:01Z",
"number_observed": 1,
"object_refs": [
"url--56e98b35-d00c-4c0a-bd38-5ef502de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e98b35-d00c-4c0a-bd38-5ef502de0b81",
"value": "https://www.virustotal.com/file/a839470b66af945500d0e0d1348f613fd47170760c6af0204ad8aec8e34e831f/analysis/1458141835/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e98b35-7ce4-40d9-b8e5-5ef502de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:35:01.000Z",
"modified": "2016-03-16T16:35:01.000Z",
"first_observed": "2016-03-16T16:35:01Z",
"last_observed": "2016-03-16T16:35:01Z",
"number_observed": 1,
"object_refs": [
"url--56e98b35-7ce4-40d9-b8e5-5ef502de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e98b35-7ce4-40d9-b8e5-5ef502de0b81",
"value": "https://www.virustotal.com/file/5de60dabe199d2071fd497cf3cc5ddc805ff761eb0075f85fcf1e59f8638484d/analysis/1458124936/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e98b36-e034-4f29-aee7-5ef502de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:35:02.000Z",
"modified": "2016-03-16T16:35:02.000Z",
"first_observed": "2016-03-16T16:35:02Z",
"last_observed": "2016-03-16T16:35:02Z",
"number_observed": 1,
"object_refs": [
"url--56e98b36-e034-4f29-aee7-5ef502de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e98b36-e034-4f29-aee7-5ef502de0b81",
"value": "https://www.virustotal.com/file/8ad4deb4ed65d4eec7ac22e93b34f9c460dc788ce9d99d55e4643a75ff6814aa/analysis/1458140652/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--56e98b36-b20c-494a-935d-5ef502de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:35:02.000Z",
"modified": "2016-03-16T16:35:02.000Z",
"first_observed": "2016-03-16T16:35:02Z",
"last_observed": "2016-03-16T16:35:02Z",
"number_observed": 1,
"object_refs": [
"url--56e98b36-b20c-494a-935d-5ef502de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--56e98b36-b20c-494a-935d-5ef502de0b81",
"value": "https://www.virustotal.com/file/c001fccbb274a2e8fda7f394ed5834c7841760ccd886e07046b1de545b2c36a0/analysis/1458145535/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56e98a0c-5938-4997-b8d1-4b2f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-03-16T16:30:04.000Z",
"modified": "2016-03-16T16:30:04.000Z",
"description": "Automatically added (via v4v5g45hg.exe|5095698ad284ae0054e58c8e8dabc6c4e121a48d)",
"pattern": "[file:name = 'v4v5g45hg.exe' AND file:hashes.MD5 = 'b1a158112b510d4a600ea3ccceae0dc5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-03-16T16:30:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename|md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}