adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/54931e3e-01d8-46fb-b801-2601950d210b.json

1278 lines
52 KiB
JSON
Raw Normal View History

chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--54931e3e-01d8-46fb-b801-2601950d210b",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:09:14.000Z",
"modified": "2014-12-18T19:09:14.000Z",
"name": "CthulhuSPRL.be",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--54931e3e-01d8-46fb-b801-2601950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:09:14.000Z",
"modified": "2014-12-18T19:09:14.000Z",
"name": "OSINT 20141029B: Possible RedOctober APT Resurgence from ThreatConnect",
"published": "2014-12-18T19:55:30Z",
"object_refs": [
"indicator--549324df-b2a4-4dc8-9e26-4d86950d210b",
"indicator--549324df-97f4-40c8-8ce3-40dc950d210b",
"indicator--549324df-e9bc-4417-884c-4dae950d210b",
"indicator--549324df-59e0-4ead-a0df-4c75950d210b",
"indicator--549324e0-d238-4636-9d98-482b950d210b",
"indicator--549324e0-1ee0-4b3a-8e61-4aca950d210b",
"indicator--549324e0-e67c-4b7b-8ab5-4f12950d210b",
"indicator--549324e0-e4d0-489f-ad6f-47f2950d210b",
"indicator--549324e0-9b3c-4fb2-9966-42f1950d210b",
"indicator--549324e0-8f54-4e20-93e2-49ac950d210b",
"indicator--549324e0-1a48-4ed8-a976-435a950d210b",
"indicator--549324e0-81b0-4bb5-8a38-4a62950d210b",
"indicator--549324e0-07f4-4043-8333-4cb5950d210b",
"indicator--549324e0-3b08-4a22-97cf-4f2c950d210b",
"indicator--549324e0-f958-4c1f-ae8d-43cb950d210b",
"indicator--549324e0-1514-4cf6-bd50-4a34950d210b",
"indicator--549324e1-8e34-48e9-b721-4c8f950d210b",
"indicator--549324e1-a008-460c-80dd-4a67950d210b",
"indicator--549324e1-df54-49a2-8d32-4a11950d210b",
"indicator--549324e1-6224-4fdb-9e28-42f6950d210b",
"indicator--549324e1-46a0-49cd-af02-4c55950d210b",
"indicator--549324e1-ea20-402a-a2cc-4484950d210b",
"indicator--549324e1-2384-4f28-90a2-4d71950d210b",
"indicator--549324e1-8c5c-4a36-9549-4197950d210b",
"indicator--549324e1-0828-423a-a2f2-484b950d210b",
"indicator--549324e1-1568-4bb3-8f1c-4075950d210b",
"indicator--549324e1-3934-4180-adec-43b5950d210b",
"indicator--549324e1-1cd0-4576-bfca-4ea4950d210b",
"indicator--549324e2-78c0-4b88-b913-4b0a950d210b",
"indicator--549324e2-0314-43ef-84fb-4b41950d210b",
"indicator--549324e2-a2c0-494b-a7a6-4692950d210b",
"indicator--549324e2-0078-418d-8526-4799950d210b",
"indicator--549324e2-d718-4b19-94ef-40f9950d210b",
"indicator--549324e2-bd64-45d0-8c6e-4f1c950d210b",
"indicator--549324e2-0a10-4b20-b1fc-4ed1950d210b",
"indicator--549324e2-5284-4e54-a046-476f950d210b",
"indicator--549324e2-0238-4c84-86e2-4722950d210b",
"indicator--549324e2-3720-43ef-ac86-4456950d210b",
"indicator--549324e2-b358-49ce-ba3f-4142950d210b",
"indicator--549324e2-edf8-463e-b06e-46a7950d210b",
"indicator--549324e3-d5a4-4878-aa7e-42dc950d210b",
"indicator--549324e3-cdc4-4396-aa07-4ad4950d210b",
"indicator--549324e3-63f4-41bc-beb6-4cfa950d210b",
"indicator--549324e3-afe8-41f8-ae71-4b25950d210b",
"indicator--549324e3-1ed8-47da-8393-4cfa950d210b",
"indicator--549324e3-52f0-4bef-bfaa-4a07950d210b",
"indicator--549324e3-c23c-42bc-a3f9-45ea950d210b",
"indicator--549324e3-ef20-48ed-87b4-4975950d210b",
"x-misp-attribute--549324f6-6c14-43d3-a4fa-4c2d950d210b",
"x-misp-attribute--5493265a-0138-4896-984f-41ff950d210b"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT"
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324df-b2a4-4dc8-9e26-4d86950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:55.000Z",
"modified": "2014-12-18T19:02:55.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = '049d7e36be1090fa0e2bd09b90d1cba2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324df-97f4-40c8-8ce3-40dc950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:55.000Z",
"modified": "2014-12-18T19:02:55.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = '073e3789386f99c43711052e22470f60334d41bf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324df-e9bc-4417-884c-4dae950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:55.000Z",
"modified": "2014-12-18T19:02:55.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = '07d31a36f5297d84ade2ef3f0a3c9da5f45fbba6917502c839586a0075146f85']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324df-59e0-4ead-a0df-4c75950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:55.000Z",
"modified": "2014-12-18T19:02:55.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = '09c0f24323cdad3ed6de8843db5fe3e7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e0-d238-4636-9d98-482b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:56.000Z",
"modified": "2014-12-18T19:02:56.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = '0a07b922333fd47f41038328e081a89872397890']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e0-1ee0-4b3a-8e61-4aca950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:56.000Z",
"modified": "2014-12-18T19:02:56.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = '19ad782b0c58037b60351780b0f43e43']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e0-e67c-4b7b-8ab5-4f12950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:56.000Z",
"modified": "2014-12-18T19:02:56.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = '1afa61f9ec93941ce56fbffa9f25a96b4314f0a0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e0-e4d0-489f-ad6f-47f2950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:56.000Z",
"modified": "2014-12-18T19:02:56.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = '1bf89631f92808720a3d638e4b41ba4a22a9b335']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e0-9b3c-4fb2-9966-42f1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:56.000Z",
"modified": "2014-12-18T19:02:56.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = '24742b9e5ac3a97453f277960b043240e923eea7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e0-8f54-4e20-93e2-49ac950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:56.000Z",
"modified": "2014-12-18T19:02:56.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = '2c3eefeb703476a7e7d986b4fac7077d99681befea66648f61ad121c5754b7df']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e0-1a48-4ed8-a976-435a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:56.000Z",
"modified": "2014-12-18T19:02:56.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = '2e53d22a3825f476cd9ff5a1c08352eb63f6fd718bc084316a73ec8fd2117e3e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e0-81b0-4bb5-8a38-4a62950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:56.000Z",
"modified": "2014-12-18T19:02:56.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = '2eaed93b012b266d80460fca4bea917adbeb810e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e0-07f4-4043-8333-4cb5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:56.000Z",
"modified": "2014-12-18T19:02:56.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = '30c35e91967b2113963fc57fcf83d9bfac589f45']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e0-3b08-4a22-97cf-4f2c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:56.000Z",
"modified": "2014-12-18T19:02:56.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = '3997a58bb47d24b34ee908518ed905e0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e0-f958-4c1f-ae8d-43cb950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:56.000Z",
"modified": "2014-12-18T19:02:56.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = '411df0ad7d813e40d778f6c0eecf2d0dbf709993']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e0-1514-4cf6-bd50-4a34950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:56.000Z",
"modified": "2014-12-18T19:02:56.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = '43a08ba59f3241b64fa81e4defaba51fb00b1753']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e1-8e34-48e9-b721-4c8f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:57.000Z",
"modified": "2014-12-18T19:02:57.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = '4624da84cae0f8b689169e24be8f7410']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e1-a008-460c-80dd-4a67950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:57.000Z",
"modified": "2014-12-18T19:02:57.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = '4a51a1008f24578a31569c67b58c856c496d5a7c81b33a8445c62838891bba99']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e1-df54-49a2-8d32-4a11950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:57.000Z",
"modified": "2014-12-18T19:02:57.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = '4ba012c1d6dbd9382933e12c79d483a9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e1-6224-4fdb-9e28-42f6950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:57.000Z",
"modified": "2014-12-18T19:02:57.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = '5e3ecfd7928822f67fbb3cd9c83be841']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e1-46a0-49cd-af02-4c55950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:57.000Z",
"modified": "2014-12-18T19:02:57.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = '6567e33aa5cd5baa50661234ac483ddce769b1f8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e1-ea20-402a-a2cc-4484950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:57.000Z",
"modified": "2014-12-18T19:02:57.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = '6c28f1499061ee2e4025c904093c2d030e4f92386a170bb285d6b5ca35764466']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e1-2384-4f28-90a2-4d71950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:57.000Z",
"modified": "2014-12-18T19:02:57.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = '6c55ebe34222a2f04a8a2a8f354fb5e65aebbc34']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e1-8c5c-4a36-9549-4197950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:57.000Z",
"modified": "2014-12-18T19:02:57.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = '7a83465a95c7e7498fd1eb968bbf4987a6128d9c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e1-0828-423a-a2f2-484b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:57.000Z",
"modified": "2014-12-18T19:02:57.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = '7abcca36a792475eb2dbe4b79bb3422e33caa76721eef4d6b9696a3cfe8c37c3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e1-1568-4bb3-8f1c-4075950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:57.000Z",
"modified": "2014-12-18T19:02:57.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = '7eff31587d1ee7aeb9b3cbb25e8beafe1da29b00d38cb9147a68b0da3fab798e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e1-3934-4180-adec-43b5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:57.000Z",
"modified": "2014-12-18T19:02:57.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = '822d842704596a2cf918863ea2116633']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e1-1cd0-4576-bfca-4ea4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:57.000Z",
"modified": "2014-12-18T19:02:57.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = '93bb5e951f73fd02c530db79f09fb111']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e2-78c0-4b88-b913-4b0a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:58.000Z",
"modified": "2014-12-18T19:02:58.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = '93bbfe4eea37dea738a5c7a92694ecac']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e2-0314-43ef-84fb-4b41950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:58.000Z",
"modified": "2014-12-18T19:02:58.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = '9738faf227bcd12bcab577a0fb58744d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e2-a2c0-494b-a7a6-4692950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:58.000Z",
"modified": "2014-12-18T19:02:58.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = '9b98f1022be219f6f1493cff0461f39f1fc85d673c426da9f922dd9f52c9e457']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e2-0078-418d-8526-4799950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:58.000Z",
"modified": "2014-12-18T19:02:58.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = 'a0ad33322f926d35e0c12362ace7209a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e2-d718-4b19-94ef-40f9950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:58.000Z",
"modified": "2014-12-18T19:02:58.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = 'a2d485653cefef5cabfcd7d1256824f2d32333a71d69e0ca200d91ab6f5859ad']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e2-bd64-45d0-8c6e-4f1c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:58.000Z",
"modified": "2014-12-18T19:02:58.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = 'a2f35786d8b62c47181dc1fd1667fac488b182f48948e93aa61c666bbcc73563']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e2-0a10-4b20-b1fc-4ed1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:58.000Z",
"modified": "2014-12-18T19:02:58.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = 'a33e7a753c92a801262f7fa7157daf83']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e2-5284-4e54-a046-476f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:58.000Z",
"modified": "2014-12-18T19:02:58.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = 'b7645b49e6d91442024abe26fe545e65e82d4ec29f6fd81a0faab002f5f51c0f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e2-0238-4c84-86e2-4722950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:58.000Z",
"modified": "2014-12-18T19:02:58.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = 'c65abc105a6264b549385bed7e4c3c9e7231a9ea']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e2-3720-43ef-ac86-4456950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:58.000Z",
"modified": "2014-12-18T19:02:58.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = 'c71e1281a68a3fa6a3136c46c0684c38']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e2-b358-49ce-ba3f-4142950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:58.000Z",
"modified": "2014-12-18T19:02:58.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = 'c80d4a07480d6a0588b069fa1691de594188ba90']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e2-edf8-463e-b06e-46a7950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:58.000Z",
"modified": "2014-12-18T19:02:58.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = 'c9997cd7c39b8fb7a062b12813d0171b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e3-d5a4-4878-aa7e-42dc950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:59.000Z",
"modified": "2014-12-18T19:02:59.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = 'cd9b01113b4cca102cffacc4632a9d77d436f5b2386a81e41bde097b6678a625']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e3-cdc4-4396-aa07-4ad4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:59.000Z",
"modified": "2014-12-18T19:02:59.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = 'd31975fa58bc6c16619d2220100f400e90e46e4f08387c602e3d2591e7a51d38']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e3-63f4-41bc-beb6-4cfa950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:59.000Z",
"modified": "2014-12-18T19:02:59.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = 'd5b42893f185c4388a0a83a2d91d72e897fe583ba096478636ad72942da66225']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e3-afe8-41f8-ae71-4b25950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:59.000Z",
"modified": "2014-12-18T19:02:59.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = 'dacf428fde53d2e436564dba24bcd3996a90a3df5fc7c8e2e2ad715d6b90487b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e3-1ed8-47da-8393-4cfa950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:59.000Z",
"modified": "2014-12-18T19:02:59.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = 'e211c2bad9a83a6a4247ec3959e2a730']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e3-52f0-4bef-bfaa-4a07950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:59.000Z",
"modified": "2014-12-18T19:02:59.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = 'f374d676b4a1a92fe183191270f0128a01b6eeab7e524030e24d9345009b5b88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e3-c23c-42bc-a3f9-45ea950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:59.000Z",
"modified": "2014-12-18T19:02:59.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = 'f4f97f406a97b6be7000af530e3a3a9e3e69aa88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549324e3-ef20-48ed-87b4-4975950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:02:59.000Z",
"modified": "2014-12-18T19:02:59.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = 'f769fdae782fe1f96b1194545803fa77ab94ad1d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:02:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--549324f6-6c14-43d3-a4fa-4c2d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:03:18.000Z",
"modified": "2014-12-18T19:03:18.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Red October"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5493265a-0138-4896-984f-41ff950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:09:14.000Z",
"modified": "2014-12-18T19:09:14.000Z",
"labels": [
"misp:type=\"comment\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "comment",
"x_misp_value": "Data entered by David Andr\u00c3\u00a9"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue Copy permalink