5907 lines
245 KiB
JSON
5907 lines
245 KiB
JSON
|
{
|
||
|
"type": "bundle",
|
||
|
"id": "bundle--5c7c0198-81b0-41d8-9839-4c4d02de0b81",
|
||
|
"objects": [
|
||
|
{
|
||
|
"type": "identity",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:43:54.000Z",
|
||
|
"modified": "2019-03-03T16:43:54.000Z",
|
||
|
"name": "CIRCL",
|
||
|
"identity_class": "organization"
|
||
|
},
|
||
|
{
|
||
|
"type": "report",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "report--5c7c0198-81b0-41d8-9839-4c4d02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:43:54.000Z",
|
||
|
"modified": "2019-03-03T16:43:54.000Z",
|
||
|
"name": "OSINT - The Supreme Backdoor Factory",
|
||
|
"published": "2019-03-03T16:44:09Z",
|
||
|
"object_refs": [
|
||
|
"x-misp-attribute--5c7c01aa-a188-45f1-8764-43ed02de0b81",
|
||
|
"observed-data--5c7c01b8-76bc-4d2f-89e9-4def02de0b81",
|
||
|
"url--5c7c01b8-76bc-4d2f-89e9-4def02de0b81",
|
||
|
"indicator--5c7c0221-ad6c-4faa-9f04-44fb02de0b81",
|
||
|
"indicator--5c7c0221-b408-498a-b6f5-4a7c02de0b81",
|
||
|
"indicator--5c7c0221-369c-414d-9b4d-4e2302de0b81",
|
||
|
"indicator--5c7c0221-dac8-49e9-97f7-424802de0b81",
|
||
|
"indicator--5c7c0221-9ca4-4f78-b65c-450802de0b81",
|
||
|
"indicator--5c7c0221-7780-4372-8ad0-4e9c02de0b81",
|
||
|
"indicator--5c7c0221-331c-406b-8682-495502de0b81",
|
||
|
"indicator--5c7c0221-f304-4db3-a440-48cd02de0b81",
|
||
|
"indicator--5c7c0221-b5a8-4d99-9dc6-46b202de0b81",
|
||
|
"indicator--5c7c0221-64c4-4c4a-af4a-4c1d02de0b81",
|
||
|
"indicator--5c7c0221-0ecc-48d6-8dc2-458102de0b81",
|
||
|
"indicator--5c7c0221-b104-4883-b418-4f7a02de0b81",
|
||
|
"indicator--5c7c0221-5594-4a1d-82d1-4a3e02de0b81",
|
||
|
"indicator--5c7c0221-1518-473f-bc5e-446d02de0b81",
|
||
|
"indicator--5c7c0221-ca10-455e-b36a-409302de0b81",
|
||
|
"indicator--5c7c0221-8034-4137-a4ec-42ac02de0b81",
|
||
|
"indicator--5c7c0221-29d8-4bfb-9c0f-48f702de0b81",
|
||
|
"indicator--5c7c0221-c0bc-4b8f-80eb-4e0b02de0b81",
|
||
|
"indicator--5c7c0221-5fd4-41ed-818c-4e4d02de0b81",
|
||
|
"indicator--5c7c0221-fc30-4bee-ac7b-4f7802de0b81",
|
||
|
"indicator--5c7c0221-aa20-4e25-8353-4feb02de0b81",
|
||
|
"indicator--5c7c0221-4fdc-4eb8-a833-41ee02de0b81",
|
||
|
"indicator--5c7c0221-f6c4-4d71-bd00-4baf02de0b81",
|
||
|
"indicator--5c7c0221-976c-4594-8f75-4abe02de0b81",
|
||
|
"indicator--5c7c0221-3d28-4347-8099-423d02de0b81",
|
||
|
"indicator--5c7c0221-d920-412f-8566-4bf002de0b81",
|
||
|
"indicator--5c7c0221-7b58-4f3e-a4a3-499b02de0b81",
|
||
|
"indicator--5c7c0221-2880-4b7e-ae9f-41d302de0b81",
|
||
|
"indicator--5c7c0221-cf68-4dcf-b6fb-435502de0b81",
|
||
|
"indicator--5c7c0221-82d0-438a-98c3-43a202de0b81",
|
||
|
"indicator--5c7c0221-2bac-4fd0-bd42-4a9402de0b81",
|
||
|
"indicator--5c7c0221-e108-4b86-934d-48a002de0b81",
|
||
|
"indicator--5c7c0221-b928-4b36-9748-4c1002de0b81",
|
||
|
"indicator--5c7c0221-9210-470c-b1b4-437c02de0b81",
|
||
|
"indicator--5c7c0221-5324-4576-893a-4c8802de0b81",
|
||
|
"indicator--5c7c0221-4958-4ecd-8dc7-473602de0b81",
|
||
|
"indicator--5c7c0221-54a4-4716-8c17-49e902de0b81",
|
||
|
"indicator--5c7c0221-4c68-49c1-868e-4cfe02de0b81",
|
||
|
"indicator--5c7c0221-33c4-4a37-a93c-412f02de0b81",
|
||
|
"indicator--5c7c0221-0928-4d71-ad77-48da02de0b81",
|
||
|
"indicator--5c7c0221-f2dc-4157-bbe3-460902de0b81",
|
||
|
"indicator--5c7c0221-cdb8-48ce-90a4-4f9402de0b81",
|
||
|
"indicator--5c7c0221-9958-4b51-8dee-4cfc02de0b81",
|
||
|
"indicator--5c7c0221-68e0-4f18-9500-4f1e02de0b81",
|
||
|
"indicator--5c7c0221-3a5c-41be-b676-408302de0b81",
|
||
|
"indicator--5c7c0221-0534-4e57-9133-4bab02de0b81",
|
||
|
"indicator--5c7c0221-c454-46b3-a8bd-4e3e02de0b81",
|
||
|
"indicator--5c7c0221-636c-4469-baa0-4ec902de0b81",
|
||
|
"indicator--5c7c0221-0fcc-4894-9740-4c0902de0b81",
|
||
|
"indicator--5c7c0221-af48-4800-b436-4e9e02de0b81",
|
||
|
"indicator--5c7c0221-4564-4e1c-a712-488002de0b81",
|
||
|
"indicator--5c7c0221-e9f4-42ca-b98e-45ab02de0b81",
|
||
|
"indicator--5c7c0221-813c-49dc-a9c9-486502de0b81",
|
||
|
"indicator--5c7c0221-08e4-40a4-9954-462d02de0b81",
|
||
|
"indicator--5c7c0221-84d4-44fd-be42-4c9402de0b81",
|
||
|
"indicator--5c7c0221-fd40-4531-b691-422a02de0b81",
|
||
|
"indicator--5c7c0221-7de0-4909-b91b-413d02de0b81",
|
||
|
"indicator--5c7c0221-0b00-4ad3-8e67-4d8c02de0b81",
|
||
|
"indicator--5c7c0221-9500-49a6-bf0c-43b402de0b81",
|
||
|
"indicator--5c7c0221-2158-47d1-abe5-4ba902de0b81",
|
||
|
"indicator--5c7c0221-b0d0-45fc-af6f-4a7f02de0b81",
|
||
|
"indicator--5c7c0221-3eb8-4ede-8fab-46f002de0b81",
|
||
|
"indicator--5c7c0221-d3a8-4ec0-9069-4f5602de0b81",
|
||
|
"indicator--5c7c0221-7ce8-4ae1-b7bf-4d5502de0b81",
|
||
|
"indicator--5c7c0221-2f88-46ba-844b-4c6502de0b81",
|
||
|
"indicator--5c7c0221-eea8-4f82-b213-41ff02de0b81",
|
||
|
"indicator--5c7c0221-99dc-4682-bf80-430f02de0b81",
|
||
|
"indicator--5c7c0221-4128-4894-a1b1-4c8902de0b81",
|
||
|
"indicator--5c7c0221-eb30-42e8-b5ef-4da102de0b81",
|
||
|
"indicator--5c7c0221-8bd8-4c38-9fd7-438302de0b81",
|
||
|
"indicator--5c7c0221-3a2c-4d19-b12a-443802de0b81",
|
||
|
"indicator--5c7c0221-e5c4-46be-b216-423f02de0b81",
|
||
|
"indicator--5c7c0221-9b20-4464-88d5-43e502de0b81",
|
||
|
"indicator--5c7c0221-51a8-48dd-bdcb-40b902de0b81",
|
||
|
"indicator--5c7c0221-063c-43ad-b910-4d6402de0b81",
|
||
|
"indicator--5c7c0221-aacc-4bb3-af32-493e02de0b81",
|
||
|
"indicator--5c7c0221-5a4c-49f8-a29c-4b5d02de0b81",
|
||
|
"indicator--5c7c0221-09cc-44a5-90a8-441202de0b81",
|
||
|
"indicator--5c7c0221-ac04-4112-bc66-42a802de0b81",
|
||
|
"indicator--5c7c0221-5224-4c17-ab7a-418302de0b81",
|
||
|
"indicator--5c7c0221-f650-4594-b95b-402b02de0b81",
|
||
|
"indicator--5c7c0221-b2b4-456a-b640-4f4902de0b81",
|
||
|
"indicator--5c7c0221-5104-4dc6-9130-411102de0b81",
|
||
|
"indicator--5c7c0221-03a4-4ec6-8adb-43b002de0b81",
|
||
|
"indicator--5c7c0221-c198-4172-8ce9-4d6b02de0b81",
|
||
|
"indicator--5c7c0221-baec-47a1-b4d2-44c302de0b81",
|
||
|
"indicator--5c7c0221-b9b8-4295-955a-439f02de0b81",
|
||
|
"indicator--5c7c0221-b49c-4583-a094-42df02de0b81",
|
||
|
"indicator--5c7c0221-9748-4c72-9213-44f802de0b81",
|
||
|
"indicator--5c7c0249-13c0-4e96-9e84-47a202de0b81",
|
||
|
"indicator--5c7c0249-6818-47b1-8dfa-4b7402de0b81",
|
||
|
"indicator--5c7c0249-9308-4fc2-af8f-448902de0b81",
|
||
|
"indicator--5c7c0249-974c-4f32-bca6-4fde02de0b81",
|
||
|
"indicator--5c7c0249-ab30-4bc1-b098-48c002de0b81",
|
||
|
"indicator--5c7c0249-cacc-460d-83aa-4e9502de0b81",
|
||
|
"indicator--5c7c0249-f620-4700-8070-48c402de0b81",
|
||
|
"indicator--5c7c0249-43d4-4b30-96e1-42f502de0b81",
|
||
|
"indicator--5c7c0249-9890-442f-a2c8-4a7702de0b81",
|
||
|
"indicator--5c7c0249-c0c4-494c-abdd-44c702de0b81",
|
||
|
"indicator--5c7c0249-0900-4bb0-894d-4a1502de0b81",
|
||
|
"indicator--5c7c0249-3fa8-47aa-9b11-4c8602de0b81",
|
||
|
"indicator--5c7c0249-8eec-4986-afc5-458002de0b81",
|
||
|
"indicator--5c7c0249-bef0-4611-971d-49da02de0b81",
|
||
|
"indicator--5c7c0249-10f0-4524-8bfb-42da02de0b81",
|
||
|
"indicator--5c7c0249-62f0-4798-a3e2-4e1c02de0b81",
|
||
|
"indicator--5c7c0249-792c-4fde-9a32-490d02de0b81",
|
||
|
"indicator--5c7c0249-9f08-410d-b9c0-407b02de0b81",
|
||
|
"indicator--5c7c0249-c2f0-42df-b6ad-429502de0b81",
|
||
|
"indicator--5c7c0249-f164-4356-9dc5-40ca02de0b81",
|
||
|
"indicator--5c7c0249-0098-4b7c-b379-4ee302de0b81",
|
||
|
"indicator--5c7c0249-160c-4846-a2c8-444102de0b81",
|
||
|
"indicator--5c7c0249-22e8-4b30-b5e5-4cbd02de0b81",
|
||
|
"indicator--5c7c0249-3d0c-4e20-898e-4f7102de0b81",
|
||
|
"indicator--5c7c0249-79f4-45db-872f-4a7a02de0b81",
|
||
|
"indicator--5c7c0249-b3bc-4e05-a247-491302de0b81",
|
||
|
"indicator--5c7c0249-cd18-4c90-816c-4b9002de0b81",
|
||
|
"indicator--5c7c0249-d79c-4bea-bc37-4a2102de0b81",
|
||
|
"indicator--5c7c0249-d53c-43eb-b947-42c202de0b81",
|
||
|
"indicator--5c7c0249-e27c-4385-b258-4e8e02de0b81",
|
||
|
"indicator--5c7c0249-f4d0-4068-8cd1-49a002de0b81",
|
||
|
"indicator--5c7c0249-36cc-43aa-8d2d-47e202de0b81",
|
||
|
"indicator--5c7c0249-1720-420c-87d1-4eac02de0b81",
|
||
|
"indicator--5c7c0249-eedc-4646-a871-4b8702de0b81",
|
||
|
"indicator--5c7c0249-d05c-4e83-b419-4bc402de0b81",
|
||
|
"indicator--5c7c0249-d310-42a3-9040-44e702de0b81",
|
||
|
"indicator--5c7c0249-beb8-41a2-98cf-4c2302de0b81",
|
||
|
"indicator--5c7c0249-b67c-4dac-9b65-4d5c02de0b81",
|
||
|
"indicator--5c7c0249-b868-4529-89a8-425f02de0b81",
|
||
|
"indicator--5c7c0249-be3c-41f6-8add-44dc02de0b81",
|
||
|
"indicator--5c7c024a-f9b8-4717-9a28-438602de0b81",
|
||
|
"indicator--5c7c024a-0c70-426b-a1f2-492002de0b81",
|
||
|
"indicator--5c7c024a-23d8-4999-8c74-44cd02de0b81",
|
||
|
"indicator--5c7c024a-48ec-4243-952a-499b02de0b81",
|
||
|
"indicator--5c7c024a-5d98-4501-8d96-433f02de0b81",
|
||
|
"indicator--5c7c024a-80b8-4f00-82d0-475b02de0b81",
|
||
|
"indicator--5c7c024a-2074-4671-ae37-466902de0b81",
|
||
|
"indicator--5c7c024a-d1c4-4155-9998-499202de0b81",
|
||
|
"indicator--5c7c024a-a4ac-4db8-936d-4bff02de0b81",
|
||
|
"indicator--5c7c024a-7668-42f4-91f6-41a702de0b81",
|
||
|
"indicator--5c7c024a-9988-4367-8082-41ac02de0b81",
|
||
|
"indicator--5c7c024a-8b70-4356-942a-413602de0b81",
|
||
|
"indicator--5c7c024a-907c-4aac-a483-4fb302de0b81",
|
||
|
"indicator--5c7c024a-ae88-484d-9561-498402de0b81",
|
||
|
"indicator--5c7c024a-f854-49f4-9d99-48c802de0b81",
|
||
|
"indicator--5c7c024a-2790-4287-bb8b-4d2802de0b81",
|
||
|
"indicator--5c7c024a-602c-4683-bc6f-4a8702de0b81",
|
||
|
"indicator--5c7c024a-a930-4e25-be10-489b02de0b81",
|
||
|
"indicator--5c7c024a-e294-42bc-b687-411602de0b81",
|
||
|
"indicator--5c7c024a-ed7c-469a-900b-46d702de0b81",
|
||
|
"indicator--5c7c024a-01c4-4c74-a09a-414502de0b81",
|
||
|
"indicator--5c7c024a-192c-4d60-8137-4f8702de0b81",
|
||
|
"indicator--5c7c024a-2ea0-4dc3-b311-411902de0b81",
|
||
|
"indicator--5c7c024a-3e38-44fd-9919-473002de0b81",
|
||
|
"indicator--5c7c024a-5d70-4cbe-bd5a-489702de0b81",
|
||
|
"indicator--5c7c024a-640c-484a-a110-492902de0b81",
|
||
|
"indicator--5c7c024a-7f5c-4d0e-8450-47cd02de0b81",
|
||
|
"indicator--5c7c024a-707c-4258-9e18-49b502de0b81",
|
||
|
"indicator--5c7c024a-c600-4022-8d16-481302de0b81",
|
||
|
"indicator--5c7c024a-fab4-4cc2-96ef-4d6602de0b81",
|
||
|
"indicator--5c7c024a-0efc-47f4-9e5c-430102de0b81",
|
||
|
"indicator--5c7c024a-0d64-410f-a383-482a02de0b81",
|
||
|
"indicator--5c7c024a-cfa4-4079-ad2f-4f6302de0b81",
|
||
|
"indicator--5c7c02dc-f800-458c-b6cd-4c5002de0b81",
|
||
|
"indicator--5c7c02dc-d068-41a8-8394-447302de0b81",
|
||
|
"indicator--5c7c02dc-00a8-4bf9-9605-445802de0b81",
|
||
|
"indicator--5c7c02dc-0c94-4639-bd5d-4d1102de0b81",
|
||
|
"indicator--5c7c02dc-cca8-4b3c-aa8c-4c5702de0b81",
|
||
|
"indicator--5c7c02dc-4c64-4faf-8bb9-4bbf02de0b81",
|
||
|
"indicator--5c7c02dc-e5b8-4cb7-826e-45f402de0b81",
|
||
|
"indicator--5c7c02dc-a064-45a8-b596-40e802de0b81",
|
||
|
"indicator--5c7c02dc-0390-4f12-bd14-472802de0b81",
|
||
|
"indicator--5c7c02dc-90c8-4b11-ac9c-452a02de0b81",
|
||
|
"indicator--5c7c02dc-5e4c-46b3-a23d-459202de0b81",
|
||
|
"indicator--5c7c02dc-3644-4d56-a037-4caf02de0b81",
|
||
|
"indicator--5c7c02dc-f21c-4d42-8d57-46cb02de0b81",
|
||
|
"indicator--5c7c02dc-2a90-45b2-8eab-439802de0b81",
|
||
|
"indicator--5c7c02dc-9054-44a2-9762-46aa02de0b81",
|
||
|
"indicator--5c7c02dc-466c-406b-a889-4d1002de0b81",
|
||
|
"indicator--5c7c0329-1fa0-4c09-8509-44d402de0b81",
|
||
|
"indicator--5c7c0329-9cfc-4b05-957a-42fc02de0b81",
|
||
|
"indicator--5c7c0329-089c-4f9f-9419-4e3902de0b81",
|
||
|
"indicator--5c7c0329-9428-4c9d-9eed-422f02de0b81",
|
||
|
"indicator--5c7c0329-0a70-4b5f-814a-40d602de0b81",
|
||
|
"indicator--5c7c0329-c174-4914-b716-47e202de0b81",
|
||
|
"indicator--5c7c0329-9e80-4abd-886e-48c702de0b81",
|
||
|
"indicator--5c7c0329-ea18-4697-97a6-408f02de0b81",
|
||
|
"indicator--5c7c0329-d7f0-458a-aa3a-4d6502de0b81",
|
||
|
"indicator--5c7c0329-4fb0-436e-b5d0-454702de0b81",
|
||
|
"indicator--5c7c0329-5a84-4289-9e39-4f8f02de0b81",
|
||
|
"indicator--5c7c0329-0e28-4ded-97ca-4bfd02de0b81",
|
||
|
"indicator--5c7c0329-ee30-40fe-8876-4e8202de0b81",
|
||
|
"indicator--5c7c0329-b764-4509-a423-483402de0b81",
|
||
|
"indicator--5c7c0329-3c0c-41c9-ba81-425602de0b81",
|
||
|
"indicator--5c7c0329-b1cc-480a-96a0-47d302de0b81",
|
||
|
"observed-data--5c7c033a-0d88-4b5a-923e-43e2e387cbd9",
|
||
|
"network-traffic--5c7c033a-0d88-4b5a-923e-43e2e387cbd9",
|
||
|
"ipv4-addr--5c7c033a-0d88-4b5a-923e-43e2e387cbd9",
|
||
|
"observed-data--5c7c033b-e648-41e1-92cc-4a06e387cbd9",
|
||
|
"network-traffic--5c7c033b-e648-41e1-92cc-4a06e387cbd9",
|
||
|
"ipv4-addr--5c7c033b-e648-41e1-92cc-4a06e387cbd9",
|
||
|
"indicator--5c7c0410-8f20-4cbd-bbc4-4b3e02de0b81",
|
||
|
"indicator--5c7c0410-b880-44e3-b03e-422102de0b81",
|
||
|
"indicator--5c7c0410-9230-4359-8594-436902de0b81",
|
||
|
"indicator--5c7c0410-67f8-423d-baf4-421f02de0b81",
|
||
|
"indicator--5c7c0410-3140-48a5-9438-42e102de0b81",
|
||
|
"indicator--0c6b7f2f-30ac-4fa2-958f-94fbb50f894e",
|
||
|
"x-misp-object--c45f991f-5f70-4419-b2b1-1ba1609a10af",
|
||
|
"indicator--f1f73447-1b14-4ae1-a8c4-4a094ae66416",
|
||
|
"x-misp-object--af3e2650-e6dd-453a-ab71-e3a22cc735c8",
|
||
|
"indicator--ad497e60-8895-4967-ae45-2a64ccac91d3",
|
||
|
"x-misp-object--d83f4778-c40d-4e7d-9acc-e8bcfd7c925b",
|
||
|
"indicator--6e35a2c3-5a83-4c25-bbea-d304de8bef8a",
|
||
|
"x-misp-object--e1710ee5-770e-49a6-81a0-d534b641805a",
|
||
|
"indicator--167cb709-e3ee-4fe9-bda9-e333b99cce0a",
|
||
|
"x-misp-object--b55a75d9-352b-4fd0-a6d8-7897395461b1",
|
||
|
"indicator--ce897d99-d116-43d0-959b-fbe57566ea72",
|
||
|
"x-misp-object--46b426bf-55cc-44a4-a0b3-de40270414fe",
|
||
|
"indicator--61b1cb3e-62ee-4b70-a561-646f511bb520",
|
||
|
"x-misp-object--ad03d449-4454-44a2-a75e-3465ec582992",
|
||
|
"indicator--8268456e-e83d-4737-a7a8-06ea323d880c",
|
||
|
"x-misp-object--41dfaa85-2917-4a95-9674-f8091308d9e2",
|
||
|
"indicator--3b469718-143a-4a84-b8ae-ec7aff951925",
|
||
|
"x-misp-object--6a1a234d-b827-4ea9-af35-988c5eb536dc",
|
||
|
"indicator--74ae1e56-ff5a-4f74-a56d-dc6157c32158",
|
||
|
"x-misp-object--24461164-3e40-49b2-94c0-0e997c7544f8",
|
||
|
"indicator--e3c014ed-fd41-4d0c-84aa-98ca3bd4c9dd",
|
||
|
"x-misp-object--dbb117e4-aa8b-4b11-8ef6-c52b2ce4e72a",
|
||
|
"relationship--ea0fcb2f-70ff-4499-956c-2bafbd89c864",
|
||
|
"relationship--b5d96a25-a510-4030-a9fe-810bf198d285",
|
||
|
"relationship--ad6b775f-f6ec-4d3b-87b8-154e55f8e4b8",
|
||
|
"relationship--0fabf3f4-d500-46c9-b67c-9a32742bccee",
|
||
|
"relationship--26b89960-ff24-40a1-9c63-9b98a0e3ab5d",
|
||
|
"relationship--d4c94ba8-83ab-4032-9108-29c3dea281c6",
|
||
|
"relationship--e0ca12e9-0d8b-42cc-845d-1cc04adb4a29",
|
||
|
"relationship--a80ac907-91af-4eca-b368-6276b77bf0b7",
|
||
|
"relationship--dd9d407f-b6fc-4a20-9ecb-ecc53f81fcf8",
|
||
|
"relationship--762babe4-361c-4ed4-a400-35d34b37bc64",
|
||
|
"relationship--b49504da-a02a-483e-9592-2ae60e3c1721"
|
||
|
],
|
||
|
"labels": [
|
||
|
"Threat-Report",
|
||
|
"misp:tool=\"MISP-STIX-Converter\"",
|
||
|
"type:OSINT",
|
||
|
"osint:lifetime=\"perpetual\"",
|
||
|
"osint:certainty=\"50\"",
|
||
|
"ecsirt:intrusions=\"backdoor\"",
|
||
|
"misp-galaxy:mitre-attack-pattern=\"Supply Chain Compromise - T1195\""
|
||
|
],
|
||
|
"object_marking_refs": [
|
||
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-attribute",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-attribute--5c7c01aa-a188-45f1-8764-43ed02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:32:42.000Z",
|
||
|
"modified": "2019-03-03T16:32:42.000Z",
|
||
|
"labels": [
|
||
|
"misp:type=\"text\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
],
|
||
|
"x_misp_category": "External analysis",
|
||
|
"x_misp_type": "text",
|
||
|
"x_misp_value": "Recently I was playing with VirusTotal Intelligence and while testing some dynamic behavior queries I stumbled upon this strange PE binary (MD5: 7fce12d2cc785f7066f86314836c95ec). The file claimed to be an installer for the JXplorer 3.3.1.2, a Java-based \u00e2\u20ac\u0153cross platform LDAP browser and editor\u00e2\u20ac\u009d as indicated on its official web page. Why was it strange? Mostly because I did not expect an installer for a quite popular LDAP browser to create a scheduled task in order to download and execute PowerShell code from a subdomain hosted by free dynamic DNS provide"
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--5c7c01b8-76bc-4d2f-89e9-4def02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:32:56.000Z",
|
||
|
"modified": "2019-03-03T16:32:56.000Z",
|
||
|
"first_observed": "2019-03-03T16:32:56Z",
|
||
|
"last_observed": "2019-03-03T16:32:56Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--5c7c01b8-76bc-4d2f-89e9-4def02de0b81"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--5c7c01b8-76bc-4d2f-89e9-4def02de0b81",
|
||
|
"value": "https://dfir.it/blog/2019/02/26/the-supreme-backdoor-factory/"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-ad6c-4faa-9f04-44fb02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'beataschumska']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-b408-498a-b6f5-4a7c02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'henrichjahoda']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-369c-414d-9b4d-4e2302de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'adorehollenberger']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-dac8-49e9-97f7-424802de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'marceltutailo']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-9ca4-4f78-b65c-450802de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'peggyverduin']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-7780-4372-8ad0-4e9c02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'burhanick']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-331c-406b-8682-495502de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'alicialohitka']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-f304-4db3-a440-48cd02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'carolewilmot']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-b5a8-4d99-9dc6-46b202de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'darinkaleo']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-64c4-4c4a-af4a-4c1d02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'ladislavask']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-0ecc-48d6-8dc2-458102de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'malinov97']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-b104-4883-b418-4f7a02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'liannepitter']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-5594-4a1d-82d1-4a3e02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'vaclaw281']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-1518-473f-bc5e-446d02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'serkovs']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-ca10-455e-b36a-409302de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'viviyanzuraski']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-8034-4137-a4ec-42ac02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'kathlinrichardi']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-29d8-4bfb-9c0f-48f702de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'harliearrighi']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-c0bc-4b8f-80eb-4e0b02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'georgenadowers']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-5fd4-41ed-818c-4e4d02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'bucka23']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-fc30-4bee-ac7b-4f7802de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'adamkulecky']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-aa20-4e25-8353-4feb02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'dretressel']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-4fdc-4eb8-a833-41ee02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'martieklarmann']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-f6c4-4d71-bd00-4baf02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'simonmirolok']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-976c-4594-8f75-4abe02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'vladekmikor']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-3d28-4347-8099-423d02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'jelamarucka']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-d920-412f-8566-4bf002de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'catheewardenburg']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-7b58-4f3e-a4a3-499b02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'booohumir']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-2880-4b7e-ae9f-41d302de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'ballory']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-cf68-4dcf-b6fb-435502de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'alicaangelaaa']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-82d0-438a-98c3-43a202de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'wynnwhooley']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-2bac-4fd0-bd42-4a9402de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'darylprivitt']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-e108-4b86-934d-48a002de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'mansiiqkal']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-b928-4b36-9748-4c1002de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'philippinefalotico']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-9210-470c-b1b4-437c02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'colettabauguss']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-5324-4576-893a-4c8802de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'mstarenna']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-4958-4ecd-8dc7-473602de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'sibyllabalkam']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-54a4-4716-8c17-49e902de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'stangard09']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-4c68-49c1-868e-4cfe02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'apalicka']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-33c4-4a37-a93c-412f02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'johnaallanson']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-0928-4d71-ad77-48da02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'gczunka']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-f2dc-4157-bbe3-460902de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'gabrieolo']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-cdb8-48ce-90a4-4f9402de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'mabostracky']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-9958-4b51-8dee-4cfc02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'alexiejmarckut']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-68e0-4f18-9500-4f1e02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'eugeniamcqueary']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-3a5c-41be-b676-408302de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'lorielagala']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-0534-4e57-9133-4bab02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'syedlopez']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-c454-46b3-a8bd-4e3e02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'jamiekaylor']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-636c-4469-baa0-4ec902de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'myriamdavine']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-0fcc-4894-9740-4c0902de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'ariellaglading']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-af48-4800-b436-4e9e02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'zdenkohenkotss']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-4564-4e1c-a712-488002de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'peska817']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-e9f4-42ca-b98e-45ab02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'nickideanna']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-813c-49dc-a9c9-486502de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'milosbukietov']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-08e4-40a4-9954-462d02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'nikkihorvatin']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-84d4-44fd-be42-4c9402de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'navsty091']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-fd40-4531-b691-422a02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'adamrybak9']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-7de0-4909-b91b-413d02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'zuzkaya34']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-0b00-4ad3-8e67-4d8c02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'chandramorando']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-9500-49a6-bf0c-43b402de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'barbeebernbaum']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-2158-47d1-abe5-4ba902de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'sonajukubska']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-b0d0-45fc-af6f-4a7f02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'lenabrekken']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-3eb8-4ede-8fab-46f002de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'binnykimmerling']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-d3a8-4ec0-9069-4f5602de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'ailynmittleman']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-7ce8-4ae1-b7bf-4d5502de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'sharityfedorova']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-2f88-46ba-844b-4c6502de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'marjorystubstad']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-eea8-4f82-b213-41ff02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'karibanker']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-99dc-4682-bf80-430f02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'glorybatelli']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-4128-4894-a1b1-4c8902de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'jeanelletobler']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-eb30-42e8-b5ef-4da102de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'stacischierbeek']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-8bd8-4c38-9fd7-438302de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'danaochdana']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-3a2c-4d19-b12a-443802de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'jurajkabackov']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-e5c4-46be-b216-423f02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'luboslucia']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-9b20-4464-88d5-43e502de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'adalineciochon']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-51a8-48dd-bdcb-40b902de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'markodelka']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-063c-43ad-b910-4d6402de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'ivetakovac']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-aacc-4bb3-af32-493e02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'emilemilan290']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-5a4c-49f8-a29c-4b5d02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'rochettecoahran']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-09cc-44a5-90a8-441202de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'danielstrnad']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-ac04-4112-bc66-42a802de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'aurelrybar']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-5224-4c17-ab7a-418302de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'ivonka271']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-f650-4594-b95b-402b02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'violetstanziola']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-b2b4-456a-b640-4f4902de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'lonniewarmerdam']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-5104-4dc6-9130-411102de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'gregzima']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-03a4-4ec6-8adb-43b002de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'adrianzigich']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-c198-4172-8ce9-4d6b02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'romolaoesterreicher']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-baec-47a1-b4d2-44c302de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'danitagotwald']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-b9b8-4295-955a-439f02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'brandaisdimilia']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-b49c-4583-a094-42df02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'adunkins']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0221-9748-4c72-9213-44f802de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:34:41.000Z",
|
||
|
"modified": "2019-03-03T16:34:41.000Z",
|
||
|
"description": "Malicious github account",
|
||
|
"pattern": "[user-account:account_type = 'github' AND user-account:account_login = 'snacknroll11']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:34:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Social network"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"github-username\"",
|
||
|
"misp:category=\"Social network\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-13c0-4e96-9e84-47a202de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/beataschumska/json-lib']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-6818-47b1-8dfa-4b7402de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/gregzima/robocode']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-9308-4fc2-af8f-448902de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/bucka23/jpwsafe']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-974c-4f32-bca6-4fde02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/burhanick/minecraft']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-ab30-4bc1-b098-48c002de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/ivonka271/newgenlib']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-cacc-460d-83aa-4e9502de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/markodelka/upnp-portmapper']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-f620-4700-8070-48c402de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/milosbukietov/tuatra']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-43d4-4b30-96e1-42f502de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/mabostracky/tn5250j']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-9890-442f-a2c8-4a7702de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/gczunka/ta-lib']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-c0c4-494c-abdd-44c702de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/ladislavask/super-mario-bros-java']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-0900-4bb0-894d-4a1502de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/vladekmikor/soniccandle']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-3fa8-47aa-9b11-4c8602de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/marceltutailo/snpeff']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-8eec-4986-afc5-458002de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/syedlopez/proguard']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-bef0-4611-971d-49da02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/simonmirolok/plantuml']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-10f0-4524-8bfb-42da02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/jelamarucka/pdfjumbler']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-62f0-4798-a3e2-4e1c02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/navsty091/opencsv']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-792c-4fde-9a32-490d02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/darinkaleo/neuroph']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-9f08-410d-b9c0-407b02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/peska817/mondrian']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-c2f0-42df-b6ad-429502de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/serkovs/jxplorer']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-f164-4356-9dc5-40ca02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/vaclaw281/junit']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-0098-4b7c-b379-4ee302de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/jurajkabackov/jtreeview']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-160c-4846-a2c8-444102de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/stangard09/jt400']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-22e8-4b30-b5e5-4cbd02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/emilemilan290/jnative']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-3d0c-4e20-898e-4f7102de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/sonajukubska/jmxterm']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-79f4-45db-872f-4a7a02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/ivetakovac/jmusic']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-b3bc-4e05-a247-491302de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/adamkulecky/jmt']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-cd18-4c90-816c-4b9002de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/alicialohitka/jdatepicker']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-d79c-4bea-bc37-4a2102de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/danielstrnad/jalmus']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-d53c-43eb-b947-42c202de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/zuzkaya34/jackcess']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-e27c-4385-b258-4e8e02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/mstarenna/hermesjms']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-f4d0-4068-8cd1-49a002de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/booohumir/geotools']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-36cc-43aa-8d2d-47e202de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/alicaangelaaa/gcviewer']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-1720-420c-87d1-4eac02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/zdenkohenkotss/ermaster']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-eedc-4646-a871-4b8702de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/aurelrybar/editbox']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-d05c-4e83-b419-4bc402de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/mansiiqkal/easymodbustcp-udp-java']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-d310-42a3-9040-44e702de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/malinov97/csvjdbc']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-beb8-41a2-98cf-4c2302de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/danaochdana/checkstyle']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-b67c-4dac-9b65-4d5c02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/luboslucia/cglib']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-b868-4529-89a8-425f02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/alexiejmarckut/blazegraph']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0249-be3c-41f6-8add-44dc02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/henrichjahoda/ardublock']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-f9b8-4717-9a28-438602de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:21.000Z",
|
||
|
"modified": "2019-03-03T16:35:21.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/adamrybak9/aopalliance']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-0c70-426b-a1f2-492002de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/adorehollenberger/rlgamekit']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-23d8-4999-8c74-44cd02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/liannepitter/java-chess-2d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-48ec-4243-952a-499b02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/dretressel/teachingbox']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-5d98-4501-8d96-433f02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/barbeebernbaum/sudokuki']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-80b8-4f00-82d0-475b02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/johnaallanson/strong-java-chess']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-2074-4671-ae37-466902de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/eugeniamcqueary/spaceaction3000']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-d1c4-4155-9998-499202de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/lonniewarmerdam/scopadiluigiusai']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-a4ac-4db8-936d-4bff02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/sibyllabalkam/quorum']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-7668-42f4-91f6-41a702de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/sharityfedorova/pedroso-game-work']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-9988-4367-8082-41ac02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/ailynmittleman/openpatrician']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-8b70-4356-942a-413602de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/darylprivitt/jskat']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-907c-4aac-a483-4fb302de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/lenabrekken/jsettlers2']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-ae88-484d-9561-498402de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/harliearrighi/jmatrixgame']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-f854-49f4-9d99-48c802de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/glorybatelli/java-marvel-character-creator']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-2790-4287-bb8b-4d2802de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/jeanelletobler/gumbo']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-602c-4683-bc6f-4a8702de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/rochettecoahran/game-of-life-bison']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-a930-4e25-be10-489b02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/karibanker/eug']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-e294-42bc-b687-411602de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/brandaisdimilia/space-faring']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-ed7c-469a-900b-46d702de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/gabrieolo/bounceball']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-01c4-4c74-a09a-414502de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/ballory/ffmpeg']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-192c-4d60-8137-4f8702de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/apalicka/javachess']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-2ea0-4dc3-b311-411902de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/philippinefalotico/cardriving']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-3e38-44fd-9919-473002de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/snacknroll11/streettalk_priv_bot']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-5d70-4cbe-bd5a-489702de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/adunkins/gcc-linaro-7.2.1-armv8l-linux-gnu']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-640c-484a-a110-492902de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/adunkins/gcc-linaro-7.2.1-arm-linux-gnu']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-7f5c-4d0e-8450-47cd02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/adunkins/gcc-linaro-7.2.1-aarch64-linux-gnu']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-707c-4258-9e18-49b502de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/adunkins/mingw64_o3']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-c600-4022-8d16-481302de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/adunkins/mingw32_o3']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-fab4-4cc2-96ef-4d6602de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/adunkins/openwrt_toolchain']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-0efc-47f4-9e5c-430102de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/adunkins/sagemfast-crosscompiler']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-0d64-410f-a383-482a02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/adunkins/ios_toolchain']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c024a-cfa4-4079-ad2f-4f6302de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:35:22.000Z",
|
||
|
"modified": "2019-03-03T16:35:22.000Z",
|
||
|
"description": "Malicious github repository",
|
||
|
"pattern": "[url:value = 'https://github.com/adunkins/toolchain-ppc-tuxbox-old_s']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:35:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c02dc-f800-458c-b6cd-4c5002de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:37:48.000Z",
|
||
|
"modified": "2019-03-03T16:37:48.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '7fce12d2cc785f7066f86314836c95ec']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:37:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c02dc-d068-41a8-8394-447302de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:37:48.000Z",
|
||
|
"modified": "2019-03-03T16:37:48.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '6ee28018e7d31aef0b4fd6940dff1d0a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:37:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c02dc-00a8-4bf9-9605-445802de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:37:48.000Z",
|
||
|
"modified": "2019-03-03T16:37:48.000Z",
|
||
|
"pattern": "[url:value = 'https://github.com/snacknroll11/streettalk_priv_bot']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:37:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c02dc-0c94-4639-bd5d-4d1102de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:37:48.000Z",
|
||
|
"modified": "2019-03-03T16:37:48.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '9d4aeb737179995a397d675f41e5f97f']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:37:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c02dc-cca8-4b3c-aa8c-4c5702de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:37:48.000Z",
|
||
|
"modified": "2019-03-03T16:37:48.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '533ac97f44b4aea1a35481d963cc9106']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:37:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c02dc-4c64-4faf-8bb9-4bbf02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:37:48.000Z",
|
||
|
"modified": "2019-03-03T16:37:48.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = 'd7c4a1d4f75045a2a1e324ae5114ea17']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:37:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c02dc-e5b8-4cb7-826e-45f402de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:37:48.000Z",
|
||
|
"modified": "2019-03-03T16:37:48.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '65579b8ed47ca163fae2b3dffd8b4d5a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:37:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c02dc-a064-45a8-b596-40e802de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:37:48.000Z",
|
||
|
"modified": "2019-03-03T16:37:48.000Z",
|
||
|
"pattern": "[url:value = 'http://ecc.freeddns.org/data.txt']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:37:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c02dc-0390-4f12-bd14-472802de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:37:48.000Z",
|
||
|
"modified": "2019-03-03T16:37:48.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = 'c78ccfc45bfba703cce0fc0c75c0f6af']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:37:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c02dc-90c8-4b11-ac9c-452a02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:37:48.000Z",
|
||
|
"modified": "2019-03-03T16:37:48.000Z",
|
||
|
"pattern": "[url:value = 'https://github.com/ballory/ffmpeg']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:37:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c02dc-5e4c-46b3-a23d-459202de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:37:48.000Z",
|
||
|
"modified": "2019-03-03T16:37:48.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '0489493aeb26b6772bf3653aedf75d2a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:37:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c02dc-3644-4d56-a037-4caf02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:37:48.000Z",
|
||
|
"modified": "2019-03-03T16:37:48.000Z",
|
||
|
"pattern": "[url:value = 'https://github.com/serkovs/jxplorer']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:37:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c02dc-f21c-4d42-8d57-46cb02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:37:48.000Z",
|
||
|
"modified": "2019-03-03T16:37:48.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '4d18388a9b351907be4a9f91785c9997']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:37:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c02dc-2a90-45b2-8eab-439802de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:37:48.000Z",
|
||
|
"modified": "2019-03-03T16:37:48.000Z",
|
||
|
"pattern": "[url:value = 'https://github.com/mansiiqkal/easymodbustcp-udp-java']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:37:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c02dc-9054-44a2-9762-46aa02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:37:48.000Z",
|
||
|
"modified": "2019-03-03T16:37:48.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '815db0de2c6a610797c6735511eaaaf9']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:37:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c02dc-466c-406b-a889-4d1002de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:37:48.000Z",
|
||
|
"modified": "2019-03-03T16:37:48.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = 'dd3a38ee6b5b6340acd3bb8099f928a8']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:37:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload delivery"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload delivery\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0329-1fa0-4c09-8509-44d402de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:39:05.000Z",
|
||
|
"modified": "2019-03-03T16:39:05.000Z",
|
||
|
"pattern": "[url:value = 'http://svf.duckdns.org']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:39:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0329-9cfc-4b05-957a-42fc02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:39:05.000Z",
|
||
|
"modified": "2019-03-03T16:39:05.000Z",
|
||
|
"pattern": "[url:value = 'http://coppingfun.ml/blazebot']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:39:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0329-089c-4f9f-9419-4e3902de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:39:05.000Z",
|
||
|
"modified": "2019-03-03T16:39:05.000Z",
|
||
|
"pattern": "[url:value = 'http://allesare.sourceforge.net/en-us/bver']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:39:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0329-9428-4c9d-9eed-422f02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:39:05.000Z",
|
||
|
"modified": "2019-03-03T16:39:05.000Z",
|
||
|
"pattern": "[url:value = 'http://allesare.sourceforge.net/en-us/m']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:39:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0329-0a70-4b5f-814a-40d602de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:39:05.000Z",
|
||
|
"modified": "2019-03-03T16:39:05.000Z",
|
||
|
"pattern": "[url:value = 'http://san.strangled.net/stat']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:39:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0329-c174-4914-b716-47e202de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:39:05.000Z",
|
||
|
"modified": "2019-03-03T16:39:05.000Z",
|
||
|
"pattern": "[url:value = 'http://jessicacheshire.users.sourceforge.net']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:39:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0329-9e80-4abd-886e-48c702de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:39:05.000Z",
|
||
|
"modified": "2019-03-03T16:39:05.000Z",
|
||
|
"pattern": "[domain-name:value = 'limons.duckdns.org']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:39:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"hostname\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0329-ea18-4697-97a6-408f02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:39:05.000Z",
|
||
|
"modified": "2019-03-03T16:39:05.000Z",
|
||
|
"pattern": "[domain-name:value = 'polarbear.freeddns.org']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:39:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"hostname\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0329-d7f0-458a-aa3a-4d6502de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:39:05.000Z",
|
||
|
"modified": "2019-03-03T16:39:05.000Z",
|
||
|
"pattern": "[url:value = 'http://ecc.freeddns.org/a2s.txt']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:39:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0329-4fb0-436e-b5d0-454702de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:39:05.000Z",
|
||
|
"modified": "2019-03-03T16:39:05.000Z",
|
||
|
"pattern": "[url:value = 'http://utelemetrics.atwebpages.com/update.php?tag=']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:39:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0329-5a84-4289-9e39-4f8f02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:39:05.000Z",
|
||
|
"modified": "2019-03-03T16:39:05.000Z",
|
||
|
"pattern": "[url:value = 'http://yzyaio.onlinewebshop.net/act/stat.php?info=SLADE']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:39:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0329-0e28-4ded-97ca-4bfd02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:39:05.000Z",
|
||
|
"modified": "2019-03-03T16:39:05.000Z",
|
||
|
"pattern": "[url:value = 'http://eln.duckdns.org/se']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:39:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0329-ee30-40fe-8876-4e8202de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:39:05.000Z",
|
||
|
"modified": "2019-03-03T16:39:05.000Z",
|
||
|
"pattern": "[url:value = 'http://enl.duckdns.org']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:39:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0329-b764-4509-a423-483402de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:39:05.000Z",
|
||
|
"modified": "2019-03-03T16:39:05.000Z",
|
||
|
"pattern": "[domain-name:value = 'sanemarine.duckdns.org']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:39:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"hostname\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0329-3c0c-41c9-ba81-425602de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:39:05.000Z",
|
||
|
"modified": "2019-03-03T16:39:05.000Z",
|
||
|
"pattern": "[domain-name:value = 'lemonade.freeddns.org']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:39:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"hostname\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0329-b1cc-480a-96a0-47d302de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:39:05.000Z",
|
||
|
"modified": "2019-03-03T16:39:05.000Z",
|
||
|
"pattern": "[url:value = 'http://allesare.sourceforge.net/test/msg']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:39:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"url\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--5c7c033a-0d88-4b5a-923e-43e2e387cbd9",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:39:22.000Z",
|
||
|
"modified": "2019-03-03T16:39:22.000Z",
|
||
|
"first_observed": "2019-03-03T16:39:22Z",
|
||
|
"last_observed": "2019-03-03T16:39:22Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"network-traffic--5c7c033a-0d88-4b5a-923e-43e2e387cbd9",
|
||
|
"ipv4-addr--5c7c033a-0d88-4b5a-923e-43e2e387cbd9"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-src\"",
|
||
|
"misp:category=\"Network activity\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "network-traffic",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "network-traffic--5c7c033a-0d88-4b5a-923e-43e2e387cbd9",
|
||
|
"src_ref": "ipv4-addr--5c7c033a-0d88-4b5a-923e-43e2e387cbd9",
|
||
|
"protocols": [
|
||
|
"tcp"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "ipv4-addr",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "ipv4-addr--5c7c033a-0d88-4b5a-923e-43e2e387cbd9",
|
||
|
"value": "83.31.61.38"
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--5c7c033b-e648-41e1-92cc-4a06e387cbd9",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:39:23.000Z",
|
||
|
"modified": "2019-03-03T16:39:23.000Z",
|
||
|
"first_observed": "2019-03-03T16:39:23Z",
|
||
|
"last_observed": "2019-03-03T16:39:23Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"network-traffic--5c7c033b-e648-41e1-92cc-4a06e387cbd9",
|
||
|
"ipv4-addr--5c7c033b-e648-41e1-92cc-4a06e387cbd9"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"ip-src\"",
|
||
|
"misp:category=\"Network activity\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "network-traffic",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "network-traffic--5c7c033b-e648-41e1-92cc-4a06e387cbd9",
|
||
|
"src_ref": "ipv4-addr--5c7c033b-e648-41e1-92cc-4a06e387cbd9",
|
||
|
"protocols": [
|
||
|
"tcp"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "ipv4-addr",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "ipv4-addr--5c7c033b-e648-41e1-92cc-4a06e387cbd9",
|
||
|
"value": "83.7.177.233"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0410-8f20-4cbd-bbc4-4b3e02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:42:56.000Z",
|
||
|
"modified": "2019-03-03T16:42:56.000Z",
|
||
|
"pattern": "[file:name = '$HOME/.local/share/bbauto']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:42:56Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"filename\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0410-b880-44e3-b03e-422102de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:42:56.000Z",
|
||
|
"modified": "2019-03-03T16:42:56.000Z",
|
||
|
"pattern": "[file:name = '$HOME/.config/autostart/none.desktop']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:42:56Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"filename\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0410-9230-4359-8594-436902de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:42:56.000Z",
|
||
|
"modified": "2019-03-03T16:42:56.000Z",
|
||
|
"pattern": "[file:name = '$HOME/Library/LaunchAgents/AutoUpdater.dat']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:42:56Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"filename\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0410-67f8-423d-baf4-421f02de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:42:56.000Z",
|
||
|
"modified": "2019-03-03T16:42:56.000Z",
|
||
|
"pattern": "[file:name = '$HOME/Library/LaunchAgents/AutoUpdater.plist']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:42:56Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"filename\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5c7c0410-3140-48a5-9438-42e102de0b81",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:42:56.000Z",
|
||
|
"modified": "2019-03-03T16:42:56.000Z",
|
||
|
"pattern": "[file:name = '$HOME/Library/LaunchAgents/SoftwareSync.plist']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:42:56Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"filename\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--0c6b7f2f-30ac-4fa2-958f-94fbb50f894e",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:29.000Z",
|
||
|
"modified": "2019-03-03T16:41:29.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '65579b8ed47ca163fae2b3dffd8b4d5a' AND file:hashes.SHA1 = 'a4fe0a43cdb2cba8180c68fa94a42bdd399f52cf' AND file:hashes.SHA256 = '86a3802ad5f35262d01efe6b678585db356121807bc28105f43019cbbd0f23fb']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:41:29Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "file"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:name=\"file\"",
|
||
|
"misp:meta-category=\"file\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-object",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-object--c45f991f-5f70-4419-b2b1-1ba1609a10af",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:30.000Z",
|
||
|
"modified": "2019-03-03T16:41:30.000Z",
|
||
|
"labels": [
|
||
|
"misp:name=\"virustotal-report\"",
|
||
|
"misp:meta-category=\"misc\""
|
||
|
],
|
||
|
"x_misp_attributes": [
|
||
|
{
|
||
|
"type": "datetime",
|
||
|
"object_relation": "last-submission",
|
||
|
"value": "2019-02-23T12:46:29",
|
||
|
"category": "Other",
|
||
|
"uuid": "6e0f8e7d-3421-453d-9cf2-acdbfc47d9f4"
|
||
|
},
|
||
|
{
|
||
|
"type": "link",
|
||
|
"object_relation": "permalink",
|
||
|
"value": "https://www.virustotal.com/file/86a3802ad5f35262d01efe6b678585db356121807bc28105f43019cbbd0f23fb/analysis/1550925989/",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "c534456e-f48a-4239-9569-473442e6148d"
|
||
|
},
|
||
|
{
|
||
|
"type": "text",
|
||
|
"object_relation": "detection-ratio",
|
||
|
"value": "0/57",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "195b02ac-c8b2-45cd-bdb6-fd70f655f2c5"
|
||
|
}
|
||
|
],
|
||
|
"x_misp_meta_category": "misc",
|
||
|
"x_misp_name": "virustotal-report"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--f1f73447-1b14-4ae1-a8c4-4a094ae66416",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:30.000Z",
|
||
|
"modified": "2019-03-03T16:41:30.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '6ee28018e7d31aef0b4fd6940dff1d0a' AND file:hashes.SHA1 = '02d82f20c1c8ac76c118ec995b00171480b4ebe2' AND file:hashes.SHA256 = 'c0313523c28288d01ba52289680b2405c1005ee7bbd0143cf116b0263245d8ba']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:41:30Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "file"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:name=\"file\"",
|
||
|
"misp:meta-category=\"file\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-object",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-object--af3e2650-e6dd-453a-ab71-e3a22cc735c8",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:30.000Z",
|
||
|
"modified": "2019-03-03T16:41:30.000Z",
|
||
|
"labels": [
|
||
|
"misp:name=\"virustotal-report\"",
|
||
|
"misp:meta-category=\"misc\""
|
||
|
],
|
||
|
"x_misp_attributes": [
|
||
|
{
|
||
|
"type": "datetime",
|
||
|
"object_relation": "last-submission",
|
||
|
"value": "2019-03-01T11:39:18",
|
||
|
"category": "Other",
|
||
|
"uuid": "9da1b58b-9692-4fcc-bd4d-828d919c3ce9"
|
||
|
},
|
||
|
{
|
||
|
"type": "link",
|
||
|
"object_relation": "permalink",
|
||
|
"value": "https://www.virustotal.com/file/c0313523c28288d01ba52289680b2405c1005ee7bbd0143cf116b0263245d8ba/analysis/1551440358/",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "de81b0b7-0ca8-4736-9e31-ca501f8595c4"
|
||
|
},
|
||
|
{
|
||
|
"type": "text",
|
||
|
"object_relation": "detection-ratio",
|
||
|
"value": "0/70",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "3604fcb6-82fe-4952-82ee-69b90d4840f2"
|
||
|
}
|
||
|
],
|
||
|
"x_misp_meta_category": "misc",
|
||
|
"x_misp_name": "virustotal-report"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--ad497e60-8895-4967-ae45-2a64ccac91d3",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:30.000Z",
|
||
|
"modified": "2019-03-03T16:41:30.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '815db0de2c6a610797c6735511eaaaf9' AND file:hashes.SHA1 = '6a143db1b43ecb2d28016fe41d9c5a7714453a76' AND file:hashes.SHA256 = '03722893c4990e0233c464e709943fb929b5cc70920c76b84a75f730f052f563']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:41:30Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "file"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:name=\"file\"",
|
||
|
"misp:meta-category=\"file\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-object",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-object--d83f4778-c40d-4e7d-9acc-e8bcfd7c925b",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:30.000Z",
|
||
|
"modified": "2019-03-03T16:41:30.000Z",
|
||
|
"labels": [
|
||
|
"misp:name=\"virustotal-report\"",
|
||
|
"misp:meta-category=\"misc\""
|
||
|
],
|
||
|
"x_misp_attributes": [
|
||
|
{
|
||
|
"type": "datetime",
|
||
|
"object_relation": "last-submission",
|
||
|
"value": "2019-03-01T11:47:10",
|
||
|
"category": "Other",
|
||
|
"uuid": "fbd48270-3f53-4f8c-9490-34d77aec5b76"
|
||
|
},
|
||
|
{
|
||
|
"type": "link",
|
||
|
"object_relation": "permalink",
|
||
|
"value": "https://www.virustotal.com/file/03722893c4990e0233c464e709943fb929b5cc70920c76b84a75f730f052f563/analysis/1551440830/",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "1965f48b-119c-4d5d-9315-995cf680b5cb"
|
||
|
},
|
||
|
{
|
||
|
"type": "text",
|
||
|
"object_relation": "detection-ratio",
|
||
|
"value": "0/69",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "a39094f5-0df1-45a7-9c11-217fe87324e5"
|
||
|
}
|
||
|
],
|
||
|
"x_misp_meta_category": "misc",
|
||
|
"x_misp_name": "virustotal-report"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--6e35a2c3-5a83-4c25-bbea-d304de8bef8a",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:30.000Z",
|
||
|
"modified": "2019-03-03T16:41:30.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = 'dd3a38ee6b5b6340acd3bb8099f928a8' AND file:hashes.SHA1 = '5cd1c492a1d51689f749f3d9caa6076872f2f3ff' AND file:hashes.SHA256 = 'b935aaa10a5b53184f33dfbc7f0314fd0ee11fb740711ce93b5a1c51d8fa1153']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:41:30Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "file"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:name=\"file\"",
|
||
|
"misp:meta-category=\"file\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-object",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-object--e1710ee5-770e-49a6-81a0-d534b641805a",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:30.000Z",
|
||
|
"modified": "2019-03-03T16:41:30.000Z",
|
||
|
"labels": [
|
||
|
"misp:name=\"virustotal-report\"",
|
||
|
"misp:meta-category=\"misc\""
|
||
|
],
|
||
|
"x_misp_attributes": [
|
||
|
{
|
||
|
"type": "datetime",
|
||
|
"object_relation": "last-submission",
|
||
|
"value": "2019-03-01T11:42:16",
|
||
|
"category": "Other",
|
||
|
"uuid": "09af03a7-06ac-4d02-81c2-946bea40d36e"
|
||
|
},
|
||
|
{
|
||
|
"type": "link",
|
||
|
"object_relation": "permalink",
|
||
|
"value": "https://www.virustotal.com/file/b935aaa10a5b53184f33dfbc7f0314fd0ee11fb740711ce93b5a1c51d8fa1153/analysis/1551440536/",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "7581aee5-44bb-40cc-90e6-25cdce71fdbc"
|
||
|
},
|
||
|
{
|
||
|
"type": "text",
|
||
|
"object_relation": "detection-ratio",
|
||
|
"value": "0/69",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "75f36b0a-3da3-4f93-9c86-12c4eb0dc53d"
|
||
|
}
|
||
|
],
|
||
|
"x_misp_meta_category": "misc",
|
||
|
"x_misp_name": "virustotal-report"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--167cb709-e3ee-4fe9-bda9-e333b99cce0a",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:31.000Z",
|
||
|
"modified": "2019-03-03T16:41:31.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '7fce12d2cc785f7066f86314836c95ec' AND file:hashes.SHA1 = '84afdf87894eb0389dfdbdde6278f36e9348457a' AND file:hashes.SHA256 = '5e3bba9a94ff757400ce5a0f2a2a43076c515bc0e3728964b4f58f503ed9917c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:41:31Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "file"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:name=\"file\"",
|
||
|
"misp:meta-category=\"file\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-object",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-object--b55a75d9-352b-4fd0-a6d8-7897395461b1",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:31.000Z",
|
||
|
"modified": "2019-03-03T16:41:31.000Z",
|
||
|
"labels": [
|
||
|
"misp:name=\"virustotal-report\"",
|
||
|
"misp:meta-category=\"misc\""
|
||
|
],
|
||
|
"x_misp_attributes": [
|
||
|
{
|
||
|
"type": "datetime",
|
||
|
"object_relation": "last-submission",
|
||
|
"value": "2019-03-01T11:40:25",
|
||
|
"category": "Other",
|
||
|
"uuid": "ea2523de-13a2-49c2-b4b8-0d847c61ac22"
|
||
|
},
|
||
|
{
|
||
|
"type": "link",
|
||
|
"object_relation": "permalink",
|
||
|
"value": "https://www.virustotal.com/file/5e3bba9a94ff757400ce5a0f2a2a43076c515bc0e3728964b4f58f503ed9917c/analysis/1551440425/",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "e9e2f282-02e9-4318-bcd7-8cfd093466ba"
|
||
|
},
|
||
|
{
|
||
|
"type": "text",
|
||
|
"object_relation": "detection-ratio",
|
||
|
"value": "7/68",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "523d80f0-1249-41d5-b0bf-6ab61cc8dafc"
|
||
|
}
|
||
|
],
|
||
|
"x_misp_meta_category": "misc",
|
||
|
"x_misp_name": "virustotal-report"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--ce897d99-d116-43d0-959b-fbe57566ea72",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:31.000Z",
|
||
|
"modified": "2019-03-03T16:41:31.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '0489493aeb26b6772bf3653aedf75d2a' AND file:hashes.SHA1 = '058c864831b0631ba18a9b02700a0a38529f7ff8' AND file:hashes.SHA256 = '21a5f6b003886b26c769132a8ffa06d607260980895a1e7484744fe3107ee099']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:41:31Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "file"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:name=\"file\"",
|
||
|
"misp:meta-category=\"file\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-object",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-object--46b426bf-55cc-44a4-a0b3-de40270414fe",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:31.000Z",
|
||
|
"modified": "2019-03-03T16:41:31.000Z",
|
||
|
"labels": [
|
||
|
"misp:name=\"virustotal-report\"",
|
||
|
"misp:meta-category=\"misc\""
|
||
|
],
|
||
|
"x_misp_attributes": [
|
||
|
{
|
||
|
"type": "datetime",
|
||
|
"object_relation": "last-submission",
|
||
|
"value": "2018-06-04T10:29:50",
|
||
|
"category": "Other",
|
||
|
"uuid": "98d110c3-6eea-4879-8e0a-da42b6c150de"
|
||
|
},
|
||
|
{
|
||
|
"type": "link",
|
||
|
"object_relation": "permalink",
|
||
|
"value": "https://www.virustotal.com/file/21a5f6b003886b26c769132a8ffa06d607260980895a1e7484744fe3107ee099/analysis/1528108190/",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "7cfa447e-e135-43e3-895e-7a7b0cd56ffd"
|
||
|
},
|
||
|
{
|
||
|
"type": "text",
|
||
|
"object_relation": "detection-ratio",
|
||
|
"value": "0/59",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "0e970b39-6c21-4245-8ac4-a97b6d5ea57c"
|
||
|
}
|
||
|
],
|
||
|
"x_misp_meta_category": "misc",
|
||
|
"x_misp_name": "virustotal-report"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--61b1cb3e-62ee-4b70-a561-646f511bb520",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:31.000Z",
|
||
|
"modified": "2019-03-03T16:41:31.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '9d4aeb737179995a397d675f41e5f97f' AND file:hashes.SHA1 = 'cebe3862bd477e78bdbb020b3a53da91a1fa747d' AND file:hashes.SHA256 = '955904c82e953113183aad6a60fef962847549d02f531a62bf00d724c3c482c3']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:41:31Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "file"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:name=\"file\"",
|
||
|
"misp:meta-category=\"file\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-object",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-object--ad03d449-4454-44a2-a75e-3465ec582992",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:31.000Z",
|
||
|
"modified": "2019-03-03T16:41:31.000Z",
|
||
|
"labels": [
|
||
|
"misp:name=\"virustotal-report\"",
|
||
|
"misp:meta-category=\"misc\""
|
||
|
],
|
||
|
"x_misp_attributes": [
|
||
|
{
|
||
|
"type": "datetime",
|
||
|
"object_relation": "last-submission",
|
||
|
"value": "2019-01-27T01:31:19",
|
||
|
"category": "Other",
|
||
|
"uuid": "affd0d1c-1e8c-4306-ac72-810706f25cad"
|
||
|
},
|
||
|
{
|
||
|
"type": "link",
|
||
|
"object_relation": "permalink",
|
||
|
"value": "https://www.virustotal.com/file/955904c82e953113183aad6a60fef962847549d02f531a62bf00d724c3c482c3/analysis/1548552679/",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "8be5d5ab-a541-4a9e-a0a7-8c1a7f45e568"
|
||
|
},
|
||
|
{
|
||
|
"type": "text",
|
||
|
"object_relation": "detection-ratio",
|
||
|
"value": "0/57",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "b2032ab7-4f4b-446a-a65a-2c965e695340"
|
||
|
}
|
||
|
],
|
||
|
"x_misp_meta_category": "misc",
|
||
|
"x_misp_name": "virustotal-report"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--8268456e-e83d-4737-a7a8-06ea323d880c",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:31.000Z",
|
||
|
"modified": "2019-03-03T16:41:31.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '4d18388a9b351907be4a9f91785c9997' AND file:hashes.SHA1 = 'ee2b18a7413579bd18acc19d33fa307e8a6662c4' AND file:hashes.SHA256 = 'd1b19801e477f6297e41bfa040f5fb09e5f34b1e24b2bd90c960dd09a2be85f9']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:41:31Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "file"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:name=\"file\"",
|
||
|
"misp:meta-category=\"file\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-object",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-object--41dfaa85-2917-4a95-9674-f8091308d9e2",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:31.000Z",
|
||
|
"modified": "2019-03-03T16:41:31.000Z",
|
||
|
"labels": [
|
||
|
"misp:name=\"virustotal-report\"",
|
||
|
"misp:meta-category=\"misc\""
|
||
|
],
|
||
|
"x_misp_attributes": [
|
||
|
{
|
||
|
"type": "datetime",
|
||
|
"object_relation": "last-submission",
|
||
|
"value": "2019-02-23T18:15:33",
|
||
|
"category": "Other",
|
||
|
"uuid": "22bc8561-c209-42ff-897f-3a7e53daa22e"
|
||
|
},
|
||
|
{
|
||
|
"type": "link",
|
||
|
"object_relation": "permalink",
|
||
|
"value": "https://www.virustotal.com/file/d1b19801e477f6297e41bfa040f5fb09e5f34b1e24b2bd90c960dd09a2be85f9/analysis/1550945733/",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "26e862b3-d8ca-41e5-a50d-e369a9c4fac2"
|
||
|
},
|
||
|
{
|
||
|
"type": "text",
|
||
|
"object_relation": "detection-ratio",
|
||
|
"value": "0/58",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "5364dc79-050f-48b7-9571-6fd1894f79d6"
|
||
|
}
|
||
|
],
|
||
|
"x_misp_meta_category": "misc",
|
||
|
"x_misp_name": "virustotal-report"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--3b469718-143a-4a84-b8ae-ec7aff951925",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:32.000Z",
|
||
|
"modified": "2019-03-03T16:41:32.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = 'c78ccfc45bfba703cce0fc0c75c0f6af' AND file:hashes.SHA1 = '17c0bec9c6f16d9af7ba0a7146749f9f3d17e0a8' AND file:hashes.SHA256 = '2859b86854018bb4db2226e1ff14a4de4aa0187cd563c705d4ae1dbda0c07086']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:41:32Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "file"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:name=\"file\"",
|
||
|
"misp:meta-category=\"file\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-object",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-object--6a1a234d-b827-4ea9-af35-988c5eb536dc",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:32.000Z",
|
||
|
"modified": "2019-03-03T16:41:32.000Z",
|
||
|
"labels": [
|
||
|
"misp:name=\"virustotal-report\"",
|
||
|
"misp:meta-category=\"misc\""
|
||
|
],
|
||
|
"x_misp_attributes": [
|
||
|
{
|
||
|
"type": "datetime",
|
||
|
"object_relation": "last-submission",
|
||
|
"value": "2019-02-23T16:45:33",
|
||
|
"category": "Other",
|
||
|
"uuid": "f2e2989e-1afd-49fd-b4eb-b00eda539cf1"
|
||
|
},
|
||
|
{
|
||
|
"type": "link",
|
||
|
"object_relation": "permalink",
|
||
|
"value": "https://www.virustotal.com/file/2859b86854018bb4db2226e1ff14a4de4aa0187cd563c705d4ae1dbda0c07086/analysis/1550940333/",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "5dfbab74-02f0-445a-933a-7173485f0392"
|
||
|
},
|
||
|
{
|
||
|
"type": "text",
|
||
|
"object_relation": "detection-ratio",
|
||
|
"value": "0/58",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "cf67baac-6bb7-4743-8a91-eedce127bd5c"
|
||
|
}
|
||
|
],
|
||
|
"x_misp_meta_category": "misc",
|
||
|
"x_misp_name": "virustotal-report"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--74ae1e56-ff5a-4f74-a56d-dc6157c32158",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:32.000Z",
|
||
|
"modified": "2019-03-03T16:41:32.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = '533ac97f44b4aea1a35481d963cc9106' AND file:hashes.SHA1 = '63489869fa9c5b1ed627bf9140b6824cb68efef6' AND file:hashes.SHA256 = '536eb0c00f1d4a39ddf9a2eca508897eb2064b4e28e25a3327626b53bad0319d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:41:32Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "file"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:name=\"file\"",
|
||
|
"misp:meta-category=\"file\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-object",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-object--24461164-3e40-49b2-94c0-0e997c7544f8",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:32.000Z",
|
||
|
"modified": "2019-03-03T16:41:32.000Z",
|
||
|
"labels": [
|
||
|
"misp:name=\"virustotal-report\"",
|
||
|
"misp:meta-category=\"misc\""
|
||
|
],
|
||
|
"x_misp_attributes": [
|
||
|
{
|
||
|
"type": "datetime",
|
||
|
"object_relation": "last-submission",
|
||
|
"value": "2018-11-15T07:25:52",
|
||
|
"category": "Other",
|
||
|
"uuid": "82f7c9a1-2a75-45a9-8a1f-8ac0a31a0777"
|
||
|
},
|
||
|
{
|
||
|
"type": "link",
|
||
|
"object_relation": "permalink",
|
||
|
"value": "https://www.virustotal.com/file/536eb0c00f1d4a39ddf9a2eca508897eb2064b4e28e25a3327626b53bad0319d/analysis/1542266752/",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "f89c2dc4-7b36-48ea-a560-aefacd3e229b"
|
||
|
},
|
||
|
{
|
||
|
"type": "text",
|
||
|
"object_relation": "detection-ratio",
|
||
|
"value": "0/51",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "071f1efb-072c-4361-82e8-773a30e28acf"
|
||
|
}
|
||
|
],
|
||
|
"x_misp_meta_category": "misc",
|
||
|
"x_misp_name": "virustotal-report"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--e3c014ed-fd41-4d0c-84aa-98ca3bd4c9dd",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:32.000Z",
|
||
|
"modified": "2019-03-03T16:41:32.000Z",
|
||
|
"pattern": "[file:hashes.MD5 = 'd7c4a1d4f75045a2a1e324ae5114ea17' AND file:hashes.SHA1 = '7db7ff3b685c3fa5d7dd5ac394a7ccb3e8b42d76' AND file:hashes.SHA256 = '210d12b9fcead69094ca2046c55333c121451f7eec782dd42e220ff11fe7d349']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2019-03-03T16:41:32Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "file"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:name=\"file\"",
|
||
|
"misp:meta-category=\"file\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-object",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-object--dbb117e4-aa8b-4b11-8ef6-c52b2ce4e72a",
|
||
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
||
|
"created": "2019-03-03T16:41:33.000Z",
|
||
|
"modified": "2019-03-03T16:41:33.000Z",
|
||
|
"labels": [
|
||
|
"misp:name=\"virustotal-report\"",
|
||
|
"misp:meta-category=\"misc\""
|
||
|
],
|
||
|
"x_misp_attributes": [
|
||
|
{
|
||
|
"type": "datetime",
|
||
|
"object_relation": "last-submission",
|
||
|
"value": "2019-03-01T11:38:53",
|
||
|
"category": "Other",
|
||
|
"uuid": "e97ebac1-5f62-456e-93eb-93cced4149ff"
|
||
|
},
|
||
|
{
|
||
|
"type": "link",
|
||
|
"object_relation": "permalink",
|
||
|
"value": "https://www.virustotal.com/file/210d12b9fcead69094ca2046c55333c121451f7eec782dd42e220ff11fe7d349/analysis/1551440333/",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "90fd9f63-25e4-42ec-8df6-2b2d0c3f40a7"
|
||
|
},
|
||
|
{
|
||
|
"type": "text",
|
||
|
"object_relation": "detection-ratio",
|
||
|
"value": "0/58",
|
||
|
"category": "Payload delivery",
|
||
|
"uuid": "ae6f8a84-4c7c-4d87-ba02-6833aaf1db82"
|
||
|
}
|
||
|
],
|
||
|
"x_misp_meta_category": "misc",
|
||
|
"x_misp_name": "virustotal-report"
|
||
|
},
|
||
|
{
|
||
|
"type": "relationship",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "relationship--ea0fcb2f-70ff-4499-956c-2bafbd89c864",
|
||
|
"created": "2019-03-03T16:41:33.000Z",
|
||
|
"modified": "2019-03-03T16:41:33.000Z",
|
||
|
"relationship_type": "analysed-with",
|
||
|
"source_ref": "indicator--0c6b7f2f-30ac-4fa2-958f-94fbb50f894e",
|
||
|
"target_ref": "x-misp-object--c45f991f-5f70-4419-b2b1-1ba1609a10af"
|
||
|
},
|
||
|
{
|
||
|
"type": "relationship",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "relationship--b5d96a25-a510-4030-a9fe-810bf198d285",
|
||
|
"created": "2019-03-03T16:41:33.000Z",
|
||
|
"modified": "2019-03-03T16:41:33.000Z",
|
||
|
"relationship_type": "analysed-with",
|
||
|
"source_ref": "indicator--f1f73447-1b14-4ae1-a8c4-4a094ae66416",
|
||
|
"target_ref": "x-misp-object--af3e2650-e6dd-453a-ab71-e3a22cc735c8"
|
||
|
},
|
||
|
{
|
||
|
"type": "relationship",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "relationship--ad6b775f-f6ec-4d3b-87b8-154e55f8e4b8",
|
||
|
"created": "2019-03-03T16:41:33.000Z",
|
||
|
"modified": "2019-03-03T16:41:33.000Z",
|
||
|
"relationship_type": "analysed-with",
|
||
|
"source_ref": "indicator--ad497e60-8895-4967-ae45-2a64ccac91d3",
|
||
|
"target_ref": "x-misp-object--d83f4778-c40d-4e7d-9acc-e8bcfd7c925b"
|
||
|
},
|
||
|
{
|
||
|
"type": "relationship",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "relationship--0fabf3f4-d500-46c9-b67c-9a32742bccee",
|
||
|
"created": "2019-03-03T16:41:34.000Z",
|
||
|
"modified": "2019-03-03T16:41:34.000Z",
|
||
|
"relationship_type": "analysed-with",
|
||
|
"source_ref": "indicator--6e35a2c3-5a83-4c25-bbea-d304de8bef8a",
|
||
|
"target_ref": "x-misp-object--e1710ee5-770e-49a6-81a0-d534b641805a"
|
||
|
},
|
||
|
{
|
||
|
"type": "relationship",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "relationship--26b89960-ff24-40a1-9c63-9b98a0e3ab5d",
|
||
|
"created": "2019-03-03T16:41:34.000Z",
|
||
|
"modified": "2019-03-03T16:41:34.000Z",
|
||
|
"relationship_type": "analysed-with",
|
||
|
"source_ref": "indicator--167cb709-e3ee-4fe9-bda9-e333b99cce0a",
|
||
|
"target_ref": "x-misp-object--b55a75d9-352b-4fd0-a6d8-7897395461b1"
|
||
|
},
|
||
|
{
|
||
|
"type": "relationship",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "relationship--d4c94ba8-83ab-4032-9108-29c3dea281c6",
|
||
|
"created": "2019-03-03T16:41:34.000Z",
|
||
|
"modified": "2019-03-03T16:41:34.000Z",
|
||
|
"relationship_type": "analysed-with",
|
||
|
"source_ref": "indicator--ce897d99-d116-43d0-959b-fbe57566ea72",
|
||
|
"target_ref": "x-misp-object--46b426bf-55cc-44a4-a0b3-de40270414fe"
|
||
|
},
|
||
|
{
|
||
|
"type": "relationship",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "relationship--e0ca12e9-0d8b-42cc-845d-1cc04adb4a29",
|
||
|
"created": "2019-03-03T16:41:34.000Z",
|
||
|
"modified": "2019-03-03T16:41:34.000Z",
|
||
|
"relationship_type": "analysed-with",
|
||
|
"source_ref": "indicator--61b1cb3e-62ee-4b70-a561-646f511bb520",
|
||
|
"target_ref": "x-misp-object--ad03d449-4454-44a2-a75e-3465ec582992"
|
||
|
},
|
||
|
{
|
||
|
"type": "relationship",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "relationship--a80ac907-91af-4eca-b368-6276b77bf0b7",
|
||
|
"created": "2019-03-03T16:41:34.000Z",
|
||
|
"modified": "2019-03-03T16:41:34.000Z",
|
||
|
"relationship_type": "analysed-with",
|
||
|
"source_ref": "indicator--8268456e-e83d-4737-a7a8-06ea323d880c",
|
||
|
"target_ref": "x-misp-object--41dfaa85-2917-4a95-9674-f8091308d9e2"
|
||
|
},
|
||
|
{
|
||
|
"type": "relationship",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "relationship--dd9d407f-b6fc-4a20-9ecb-ecc53f81fcf8",
|
||
|
"created": "2019-03-03T16:41:34.000Z",
|
||
|
"modified": "2019-03-03T16:41:34.000Z",
|
||
|
"relationship_type": "analysed-with",
|
||
|
"source_ref": "indicator--3b469718-143a-4a84-b8ae-ec7aff951925",
|
||
|
"target_ref": "x-misp-object--6a1a234d-b827-4ea9-af35-988c5eb536dc"
|
||
|
},
|
||
|
{
|
||
|
"type": "relationship",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "relationship--762babe4-361c-4ed4-a400-35d34b37bc64",
|
||
|
"created": "2019-03-03T16:41:34.000Z",
|
||
|
"modified": "2019-03-03T16:41:34.000Z",
|
||
|
"relationship_type": "analysed-with",
|
||
|
"source_ref": "indicator--74ae1e56-ff5a-4f74-a56d-dc6157c32158",
|
||
|
"target_ref": "x-misp-object--24461164-3e40-49b2-94c0-0e997c7544f8"
|
||
|
},
|
||
|
{
|
||
|
"type": "relationship",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "relationship--b49504da-a02a-483e-9592-2ae60e3c1721",
|
||
|
"created": "2019-03-03T16:41:34.000Z",
|
||
|
"modified": "2019-03-03T16:41:34.000Z",
|
||
|
"relationship_type": "analysed-with",
|
||
|
"source_ref": "indicator--e3c014ed-fd41-4d0c-84aa-98ca3bd4c9dd",
|
||
|
"target_ref": "x-misp-object--dbb117e4-aa8b-4b11-8ef6-c52b2ce4e72a"
|
||
|
},
|
||
|
{
|
||
|
"type": "marking-definition",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
||
|
"created": "2017-01-20T00:00:00.000Z",
|
||
|
"definition_type": "tlp",
|
||
|
"name": "TLP:WHITE",
|
||
|
"definition": {
|
||
|
"tlp": "white"
|
||
|
}
|
||
|
}
|
||
|
]
|
||
|
}
|