adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/54932814-7834-4667-8b08-4c2f950d210b.json

1071 lines
43 KiB
JSON
Raw Normal View History

chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--54932814-7834-4667-8b08-4c2f950d210b",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:20:21.000Z",
"modified": "2014-12-18T19:20:21.000Z",
"name": "CthulhuSPRL.be",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--54932814-7834-4667-8b08-4c2f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:20:21.000Z",
"modified": "2014-12-18T19:20:21.000Z",
"name": "OSINT 20141107B: Operation Poisoned Handover by ThreatConnect",
"published": "2014-12-18T19:57:19Z",
"object_refs": [
"x-misp-attribute--54932833-d47c-4d3e-805b-2601950d210b",
"x-misp-attribute--54932833-09d8-4d74-bd7f-2601950d210b",
"x-misp-attribute--54932841-47ac-4ae7-a61c-41c3950d210b",
"x-misp-attribute--54932861-54ac-4d81-ad2d-40cf950d210b",
"indicator--54932899-92dc-4687-86d8-4c28950d210b",
"indicator--54932899-c920-47d6-be13-4c26950d210b",
"indicator--54932899-04b8-4e92-939b-4831950d210b",
"indicator--54932899-b0ac-4ea3-b7eb-4f37950d210b",
"indicator--54932899-c588-41f8-8f04-4fa2950d210b",
"indicator--54932899-8864-4378-9983-4fa8950d210b",
"indicator--54932899-57f0-4954-8ff9-4406950d210b",
"indicator--54932899-4728-4bb3-bcf5-48c9950d210b",
"indicator--54932899-2d50-41a1-9a0e-483c950d210b",
"indicator--54932899-cd18-4c72-8c25-4295950d210b",
"indicator--54932899-8324-4f50-834e-4de4950d210b",
"indicator--5493289a-dbdc-4a7c-9d38-4b92950d210b",
"indicator--5493289a-a444-48f7-bd09-4589950d210b",
"indicator--5493289a-2308-4c86-b8a9-4c0d950d210b",
"indicator--5493289a-2dd0-4f90-a64f-409c950d210b",
"indicator--5493289a-254c-4198-bd39-4da5950d210b",
"indicator--5493289a-af78-4d51-b279-417c950d210b",
"indicator--5493289a-8c78-4c41-b6f0-4d8e950d210b",
"indicator--5493289a-7024-4070-89c1-467b950d210b",
"indicator--5493289a-6be4-4803-afda-4352950d210b",
"indicator--5493289a-0094-4b86-a2b4-45b5950d210b",
"indicator--5493289a-5b2c-43b6-945a-421b950d210b",
"indicator--5493289a-65a8-46e1-8dad-4892950d210b",
"observed-data--549328aa-7e68-43d9-8f37-484e950d210b",
"url--549328aa-7e68-43d9-8f37-484e950d210b",
"indicator--549328de-1634-44d1-8919-423a950d210b",
"indicator--549328de-7ca4-4499-a7dd-466b950d210b",
"indicator--549328df-8fa8-4e6f-8770-480d950d210b",
"indicator--549328df-83e4-449e-9012-4d91950d210b",
"indicator--549328df-5fd4-4e50-ae2a-42b3950d210b",
"indicator--549328df-5310-43bc-a706-474e950d210b",
"indicator--549328df-1258-437c-8787-4b33950d210b",
"indicator--549328df-d394-4ca0-b78e-4c54950d210b",
"indicator--549328df-2964-4d25-9bdb-4f2f950d210b",
"indicator--549328f5-0838-4ae9-a30c-442a950d210b",
"indicator--549328f5-4968-4769-91ea-4597950d210b",
"indicator--549328f5-cfdc-44a3-a6ae-486a950d210b",
"indicator--549328f5-3090-4b20-90bd-4ce7950d210b",
"indicator--549328f5-72c8-4545-b2be-4e03950d210b",
"indicator--549328f5-91f8-4b5f-a372-42b0950d210b"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT"
],
"object_marking_refs": [
"marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da"
]
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--54932833-d47c-4d3e-805b-2601950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:17:07.000Z",
"modified": "2014-12-18T19:17:07.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Poisoned Handover"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--54932833-09d8-4d74-bd7f-2601950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:17:07.000Z",
"modified": "2014-12-18T19:17:07.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Poisoned Hurricane"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--54932841-47ac-4ae7-a61c-41c3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:17:21.000Z",
"modified": "2014-12-18T19:17:21.000Z",
"labels": [
"misp:type=\"comment\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "comment",
"x_misp_value": "Data entered by David Andr\u00c3\u00a9"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--54932861-54ac-4d81-ad2d-40cf950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:01.000Z",
"modified": "2014-12-18T19:18:01.000Z",
"labels": [
"misp:type=\"comment\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "comment",
"x_misp_value": "Incident related to 20140806B: Operation Poisoned Hurricane targeting Hong Kong Pro-Democracy websites with DDoS attacks found in FireEye blog \"Operation Poisoned Handover\"."
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54932899-92dc-4687-86d8-4c28950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:49.000Z",
"modified": "2014-12-18T19:18:49.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = 'e2a4b96cce9de4fb126cfd5f5c73c3ed']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54932899-c920-47d6-be13-4c26950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:49.000Z",
"modified": "2014-12-18T19:18:49.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = '17bc9d2a640da75db6cbb66e5898feb1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54932899-04b8-4e92-939b-4831950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:49.000Z",
"modified": "2014-12-18T19:18:49.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = 'daf5dfe91f417b2ec50a19c07bc7d9f4ce467507f791c9dd71acaaf8a8360901']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54932899-b0ac-4ea3-b7eb-4f37950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:49.000Z",
"modified": "2014-12-18T19:18:49.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = 'caa5529010c17b969da01ade084794c6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54932899-c588-41f8-8f04-4fa2950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:49.000Z",
"modified": "2014-12-18T19:18:49.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = '51748b7bb7db3d599e00440211f07e2d94a05793']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54932899-8864-4378-9983-4fa8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:49.000Z",
"modified": "2014-12-18T19:18:49.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = '136e709cc83cbda0cd8ca6e46fe9e57202bd2699ca063f9d1a51602394c06ef3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54932899-57f0-4954-8ff9-4406950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:49.000Z",
"modified": "2014-12-18T19:18:49.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = '84bd0809b1dbc2dc86f30d30faaa7e4e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54932899-4728-4bb3-bcf5-48c9950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:49.000Z",
"modified": "2014-12-18T19:18:49.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = 'eba48a0b5fe89797150abf64c0d46f073f89b76c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54932899-2d50-41a1-9a0e-483c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:49.000Z",
"modified": "2014-12-18T19:18:49.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = '79752dc96e971b697be5c9425b9485352adf1424dbb55dba0f8565b144059b68']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54932899-cd18-4c72-8c25-4295950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:49.000Z",
"modified": "2014-12-18T19:18:49.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = 'c3d6450075d618b1edba17ee723eb3ca']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--54932899-8324-4f50-834e-4de4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:49.000Z",
"modified": "2014-12-18T19:18:49.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = 'd8079b683f025d1cd6529ebe1338a2578b809dc2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5493289a-dbdc-4a7c-9d38-4b92950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:50.000Z",
"modified": "2014-12-18T19:18:50.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = 'ecf21054ab515946a812d1aa5c408ca5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5493289a-a444-48f7-bd09-4589950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:50.000Z",
"modified": "2014-12-18T19:18:50.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = '2bf948ba2a265346878a36740a32a55038d122bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5493289a-2308-4c86-b8a9-4c0d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:50.000Z",
"modified": "2014-12-18T19:18:50.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = '0b54ae49fd5a841970b98a078968cb6b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5493289a-2dd0-4f90-a64f-409c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:50.000Z",
"modified": "2014-12-18T19:18:50.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = '4b21534104eaa1a8f5d2273afd4292c3b55b045fe2ff3b09284dbacd42076106']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5493289a-254c-4198-bd39-4da5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:50.000Z",
"modified": "2014-12-18T19:18:50.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = '0baa6b822c22856eb085590addb79431eb3ad83c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5493289a-af78-4d51-b279-417c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:50.000Z",
"modified": "2014-12-18T19:18:50.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = '39bb90140fc0101f49377b6c60076f9d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5493289a-8c78-4c41-b6f0-4d8e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:50.000Z",
"modified": "2014-12-18T19:18:50.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = '00cd8c4f87a82b442509402a4f9e6a7a14dc78f286ace619702adfdd09b72f9f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5493289a-7024-4070-89c1-467b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:50.000Z",
"modified": "2014-12-18T19:18:50.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = '03d047380078676b17617ce04a6585ab71640790']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5493289a-6be4-4803-afda-4352950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:50.000Z",
"modified": "2014-12-18T19:18:50.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.MD5 = 'd08e038d318b94764d199d7a85047637']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5493289a-0094-4b86-a2b4-45b5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:50.000Z",
"modified": "2014-12-18T19:18:50.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = 'c74c612fb5aa6924e5d7b6014932c02ab58c81def48503fbead3f0c22b8eea9e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5493289a-5b2c-43b6-945a-421b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:50.000Z",
"modified": "2014-12-18T19:18:50.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA1 = 'c346a1d50b237c0360278442422e32ff0158322c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5493289a-65a8-46e1-8dad-4892950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:18:50.000Z",
"modified": "2014-12-18T19:18:50.000Z",
"description": "Imported via the freetext import.",
"pattern": "[file:hashes.SHA256 = '7896327da3087d3fc54581e69537825ae2789fc1a87086098a5f735fccf6a52d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:18:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--549328aa-7e68-43d9-8f37-484e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:19:06.000Z",
"modified": "2014-12-18T19:19:06.000Z",
"first_observed": "2014-12-18T19:19:06Z",
"last_observed": "2014-12-18T19:19:06Z",
"number_observed": 1,
"object_refs": [
"url--549328aa-7e68-43d9-8f37-484e950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--549328aa-7e68-43d9-8f37-484e950d210b",
"value": "https://app.threatconnect.com/tc/auth/incident/incident.xhtml?incident=167842"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549328de-1634-44d1-8919-423a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:19:58.000Z",
"modified": "2014-12-18T19:19:58.000Z",
"pattern": "[domain-name:value = 'luxscena.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:19:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549328de-7ca4-4499-a7dd-466b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:19:58.000Z",
"modified": "2014-12-18T19:19:58.000Z",
"pattern": "[domain-name:value = 'tommo.jp']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:19:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549328df-8fa8-4e6f-8770-480d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:19:59.000Z",
"modified": "2014-12-18T19:19:59.000Z",
"pattern": "[domain-name:value = 'java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:19:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549328df-83e4-449e-9012-4d91950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:19:59.000Z",
"modified": "2014-12-18T19:19:59.000Z",
"pattern": "[domain-name:value = 'wizapply.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:19:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549328df-5fd4-4e50-ae2a-42b3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:19:59.000Z",
"modified": "2014-12-18T19:19:59.000Z",
"pattern": "[domain-name:value = 'ninekobe.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:19:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549328df-5310-43bc-a706-474e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:19:59.000Z",
"modified": "2014-12-18T19:19:59.000Z",
"pattern": "[domain-name:value = 'shinzenho.jp']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:19:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549328df-1258-437c-8787-4b33950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:19:59.000Z",
"modified": "2014-12-18T19:19:59.000Z",
"pattern": "[domain-name:value = 'nitori-tour.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:19:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549328df-d394-4ca0-b78e-4c54950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:19:59.000Z",
"modified": "2014-12-18T19:19:59.000Z",
"pattern": "[domain-name:value = 'mizma.co.jp']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:19:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549328df-2964-4d25-9bdb-4f2f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:19:59.000Z",
"modified": "2014-12-18T19:19:59.000Z",
"pattern": "[domain-name:value = 'wakayamasatei.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:19:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549328f5-0838-4ae9-a30c-442a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:20:21.000Z",
"modified": "2014-12-18T19:20:21.000Z",
"pattern": "[domain-name:value = 'p.java-sec.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:20:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549328f5-4968-4769-91ea-4597950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:20:21.000Z",
"modified": "2014-12-18T19:20:21.000Z",
"pattern": "[domain-name:value = 'sp.you-maga.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:20:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549328f5-cfdc-44a3-a6ae-486a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:20:21.000Z",
"modified": "2014-12-18T19:20:21.000Z",
"pattern": "[domain-name:value = 'www.credo-biz.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:20:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549328f5-3090-4b20-90bd-4ce7950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:20:21.000Z",
"modified": "2014-12-18T19:20:21.000Z",
"pattern": "[domain-name:value = 'jre76.java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:20:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549328f5-72c8-4545-b2be-4e03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:20:21.000Z",
"modified": "2014-12-18T19:20:21.000Z",
"pattern": "[domain-name:value = 'hk.java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:20:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--549328f5-91f8-4b5f-a372-42b0950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2014-12-18T19:20:21.000Z",
"modified": "2014-12-18T19:20:21.000Z",
"pattern": "[domain-name:value = 'u.java-se.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2014-12-18T19:20:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:GREEN",
"definition": {
"tlp": "green"
}
}
]
}
Reference in a new issue Copy permalink