10218 lines
516 KiB
JSON
10218 lines
516 KiB
JSON
|
{
|
||
|
"type": "bundle",
|
||
|
"id": "bundle--552bf030-0334-4134-af4a-4e9a950d210b",
|
||
|
"objects": [
|
||
|
{
|
||
|
"type": "identity",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2017-06-22T20:26:37.000Z",
|
||
|
"modified": "2017-06-22T20:26:37.000Z",
|
||
|
"name": "CthulhuSPRL.be",
|
||
|
"identity_class": "organization"
|
||
|
},
|
||
|
{
|
||
|
"type": "report",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "report--552bf030-0334-4134-af4a-4e9a950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2017-06-22T20:26:37.000Z",
|
||
|
"modified": "2017-06-22T20:26:37.000Z",
|
||
|
"name": "OSINT APT 30 and the Mechanics of a Long-Running Cyber Espionage Operation by FireEye",
|
||
|
"published": "2017-06-22T20:27:11Z",
|
||
|
"object_refs": [
|
||
|
"x-misp-attribute--552bf041-1750-404c-9766-71c6950d210b",
|
||
|
"observed-data--552bf07d-dd0c-475f-951e-4d19950d210b",
|
||
|
"url--552bf07d-dd0c-475f-951e-4d19950d210b",
|
||
|
"observed-data--552bf07d-bd90-4757-8215-47a0950d210b",
|
||
|
"url--552bf07d-bd90-4757-8215-47a0950d210b",
|
||
|
"observed-data--552bf07d-cff8-4be3-9180-486f950d210b",
|
||
|
"url--552bf07d-cff8-4be3-9180-486f950d210b",
|
||
|
"observed-data--552bf07d-10a4-4ebe-92a7-4ee5950d210b",
|
||
|
"url--552bf07d-10a4-4ebe-92a7-4ee5950d210b",
|
||
|
"observed-data--552bf0c9-57b8-442b-bda6-df04950d210b",
|
||
|
"url--552bf0c9-57b8-442b-bda6-df04950d210b",
|
||
|
"indicator--d78eec96-0185-4c56-97d9-11104beeb076",
|
||
|
"indicator--b6afda3e-d6e0-4f92-b46a-a119dcbd53c1",
|
||
|
"indicator--e773bd6c-877e-4cc5-968e-a8b63bd3a7bb",
|
||
|
"indicator--7c3d1db7-ff5b-410c-8d0b-8d4fa1419f78",
|
||
|
"indicator--f56e7a0f-a26e-4b57-b2ef-5c2ec4a54b19",
|
||
|
"indicator--6062a265-5ac0-496f-b097-055b700706e4",
|
||
|
"indicator--0273bd10-b589-4a15-a78f-948d67827e18",
|
||
|
"indicator--bea9c5e0-aceb-4c4c-8fab-62c52c084690",
|
||
|
"indicator--8dfad9eb-40fa-4115-9b1a-671f042fdd60",
|
||
|
"indicator--c38ffcbd-0eac-46ef-977a-bfd1efc7790a",
|
||
|
"indicator--4142845b-2590-4898-856e-a69f40342c3c",
|
||
|
"indicator--10c68a77-a05b-4bca-b205-abb84de8081c",
|
||
|
"indicator--2af96154-9264-4033-a638-a8fe0c2e9c85",
|
||
|
"indicator--5b2706a8-22ed-46fd-ae2f-7fd2834a88d4",
|
||
|
"indicator--a9343e22-00c9-4c45-ada3-54064f8db706",
|
||
|
"indicator--0fd15c22-04c0-4836-93ee-b60ba6fa24ff",
|
||
|
"indicator--6a88b146-51c1-417c-b7d6-31aa9a055d6a",
|
||
|
"indicator--87df9cc9-179a-4b5e-b101-7f03dcf4484b",
|
||
|
"indicator--6501be09-28d6-4615-a130-2edd9a08bfd3",
|
||
|
"indicator--31252426-57fe-40c1-a9cd-7c86450f8034",
|
||
|
"indicator--ca1c571d-226b-4453-a83f-7fe1f123c270",
|
||
|
"indicator--31d5abed-df4e-4ece-bc2f-4556d45628ac",
|
||
|
"indicator--3d0c5639-32c0-4e96-941c-edc0795a8106",
|
||
|
"indicator--e03f8b41-33fb-4133-91bc-4dfeb4368c65",
|
||
|
"indicator--05b4fec2-fed7-4914-af2a-4e6b32eb8754",
|
||
|
"indicator--54a6a09a-3a63-4e4f-8186-f43356f57508",
|
||
|
"indicator--bd99867b-9479-4361-a0d1-3a2c6564b34a",
|
||
|
"indicator--0293b222-6042-44bb-8729-5dc6aa4bbd15",
|
||
|
"indicator--69b25f3a-9f6b-469f-b5c2-1e0b8eee4f17",
|
||
|
"indicator--6bb01a4e-f2c8-4fdf-a5e7-88748b9ebd83",
|
||
|
"indicator--3aef674c-95e4-4b0d-862b-18c7f59233f2",
|
||
|
"indicator--8907b71a-c027-4623-8dc2-e072f03abe12",
|
||
|
"indicator--c4b8a99e-8055-4d65-bc9e-27b0ef281ad5",
|
||
|
"indicator--131e5c5c-b052-4d70-82cf-990bb9fe7d8e",
|
||
|
"indicator--1fc70258-05bd-4dbe-b62e-be1f53478a44",
|
||
|
"indicator--20adc990-2a82-4496-b677-a437ae886730",
|
||
|
"indicator--4c0222e2-e62f-4146-ac5f-3ceb224d78a6",
|
||
|
"indicator--f11ba2f8-a09a-4197-ad40-8e0b797a11b8",
|
||
|
"indicator--55956280-ee18-4d5d-8c00-468306380aed",
|
||
|
"indicator--a305c015-262d-4826-8996-a52acb4e8a70",
|
||
|
"indicator--8707d7fd-3354-42f9-93d5-54df1294a7e9",
|
||
|
"indicator--d83b36f6-24a3-4486-bb45-4af415ee7baa",
|
||
|
"indicator--28b639a5-0c2a-4c4c-8a03-378edd9d7fd5",
|
||
|
"indicator--05ee3963-4d52-4188-8728-983d6dc7f883",
|
||
|
"indicator--1c9045ad-2de8-4e08-9fc8-2d9f92326784",
|
||
|
"indicator--c3598b9c-f61a-4167-8507-9f7c45fe216c",
|
||
|
"indicator--d49eed1f-b083-44d3-89aa-967792b4fee2",
|
||
|
"indicator--7f140885-232a-46ad-82ae-d6bc196693ef",
|
||
|
"indicator--63ff1c8f-9fa3-4996-a1f2-22bc4e412838",
|
||
|
"indicator--18d19857-0402-4db1-803e-6f87715eb651",
|
||
|
"indicator--dfcc0a93-9da2-4f42-8ff4-92efee7b6135",
|
||
|
"indicator--4fde69c0-2f59-4d2c-9e41-72df0bf9e8f5",
|
||
|
"indicator--8469af12-ebf7-4d40-ae3c-aea135de1639",
|
||
|
"indicator--4ddeb872-8cec-456d-8a76-e9c11336a38f",
|
||
|
"indicator--98fd3c4b-a7a0-4071-b66b-8a29366e687b",
|
||
|
"indicator--5056d0e4-9c3b-4a7f-83c6-5ddeaa387a40",
|
||
|
"indicator--a6b7f14d-5c10-4c52-b1e2-cbd108db8a40",
|
||
|
"indicator--357f9f9c-9eb6-46ba-95bd-284cfaf8570d",
|
||
|
"indicator--e98007aa-823d-43d1-84d8-97fb49c61abb",
|
||
|
"indicator--bb6c8943-0ddc-465a-8c2d-86dcaaf0e367",
|
||
|
"indicator--c53fa78b-dbaf-4559-b5a1-292011664330",
|
||
|
"indicator--4ae510d5-7c29-4621-af1f-83af1057ea68",
|
||
|
"indicator--03c02ca4-d68d-4631-80ca-7e8e11c93a28",
|
||
|
"indicator--c0468558-9d28-49d8-bc30-09dbe197bc9d",
|
||
|
"indicator--7b627c1d-419c-4a72-bc32-0851addbd95c",
|
||
|
"indicator--dcc7724b-4e41-4b77-865d-cb7d7a097f1a",
|
||
|
"indicator--0571e49b-6fae-45a0-8480-8664490675ce",
|
||
|
"indicator--68bede53-3e0d-40d5-9249-287590c9b762",
|
||
|
"indicator--88f55291-dee4-4e56-a75d-a04bda057814",
|
||
|
"indicator--2412edb1-aa0d-4525-aaa6-4fddb7027924",
|
||
|
"indicator--7a81ed18-75a9-4cee-846d-1c31808f8f4f",
|
||
|
"indicator--c6361694-846c-4e0a-9f45-cadc7ea4b120",
|
||
|
"indicator--a7be6d63-e08c-4a20-a27c-e1702422f8b4",
|
||
|
"indicator--bac5d0b3-93fb-4342-8ba9-f4d4dec30ecd",
|
||
|
"indicator--aa906ab7-81ba-4255-b470-98d325cb7d18",
|
||
|
"indicator--97428e9d-a591-466f-83e7-a732f030f4d2",
|
||
|
"indicator--eb54b9fe-7685-4bbd-87b0-070cab14b4e2",
|
||
|
"indicator--0dc25b87-0597-49c5-a8c4-d48da5b1803b",
|
||
|
"indicator--2f2cb495-a8d3-4052-8714-755e427276ac",
|
||
|
"indicator--e0965d8b-696b-4fb8-bd76-4e7b8428ba2b",
|
||
|
"indicator--ce813283-5cab-4fa1-bfad-c4a4e3fad5aa",
|
||
|
"indicator--ef3ac4d0-4962-428b-b712-49968019533e",
|
||
|
"indicator--dfccf54a-6f3b-4900-bfec-663bb631bb63",
|
||
|
"indicator--0109decc-ea4f-438a-b755-8f7241a83fbc",
|
||
|
"indicator--ce538644-8547-4bdf-a8d8-1200860e5b57",
|
||
|
"indicator--cfbe7713-417c-48a8-bf65-4b72253e27bb",
|
||
|
"indicator--f0301dd8-21fd-4939-a931-1ff5f62f5314",
|
||
|
"indicator--8237ad91-a88d-4ade-adb2-cf5fae669acf",
|
||
|
"indicator--6199a0e2-17d3-4f96-84d4-0ff2af175b5b",
|
||
|
"indicator--87fcb68c-763e-4e68-8d49-1ea375ad81c4",
|
||
|
"indicator--fdcb2861-bec3-4b41-a7ae-eb90bca2a26f",
|
||
|
"indicator--6a011ba5-2c4c-410e-9716-66400f065d57",
|
||
|
"indicator--7fd49b98-676f-4f37-9943-2ce8d1ac03c1",
|
||
|
"indicator--a5cd1211-26ba-44d9-ab97-fec34bb2c273",
|
||
|
"indicator--2f00f3e3-b10d-40c1-bbad-a6e0543abc57",
|
||
|
"indicator--2fd6a441-d94f-4e16-b36a-d3fad5bfc610",
|
||
|
"indicator--56eb62ef-a96c-419a-89ec-ca343638a5c5",
|
||
|
"indicator--ab267aec-c92e-4c05-b13c-3821a8abea53",
|
||
|
"indicator--391b7556-1b08-4438-a3ab-020c04e38e3d",
|
||
|
"indicator--341d5f02-f6ac-4fb8-8267-9a19f775a7a1",
|
||
|
"indicator--26d0919e-1569-4a6d-b225-667fec15a780",
|
||
|
"indicator--b226154a-a4ae-4dcb-9859-755b161fefad",
|
||
|
"indicator--d8bba4f5-1c0d-499c-a20f-521050a788e3",
|
||
|
"indicator--8233f30b-c226-485a-9b5b-d2c17aaf0d48",
|
||
|
"indicator--d23624d8-0b48-4bde-ae63-409a7cca4b1e",
|
||
|
"indicator--610f314f-ecc3-4127-bdf5-0a63a7d44e90",
|
||
|
"indicator--6d3a84b8-eb31-43c8-aa93-10b39f8ea551",
|
||
|
"indicator--b5b4ac61-9c62-4928-a5b3-3bd0a3c4711c",
|
||
|
"indicator--0898f001-d016-418b-8329-bafb20027c91",
|
||
|
"indicator--9e4ebd41-0f30-483c-87e1-e15ce30b9ff1",
|
||
|
"indicator--da16e640-f48f-4be8-bed7-ec984cda339e",
|
||
|
"indicator--81cb441a-120e-40e5-975c-8375eb83ae17",
|
||
|
"indicator--cc115655-3d5c-4df3-8076-257ca1c00933",
|
||
|
"indicator--3f625a02-cc3c-4059-a4e3-d3eeb2818db2",
|
||
|
"indicator--8eee525f-5cab-49c6-bbba-aa096940ccb0",
|
||
|
"indicator--2d4a26fd-6a18-4a2d-b2a2-0f06472f057f",
|
||
|
"indicator--3c5d9909-5182-424b-9452-90f553d1de56",
|
||
|
"indicator--7279f6ab-fb3d-4fdc-bc88-15cb5086f39a",
|
||
|
"indicator--2bf4eafd-28db-4ea8-8d8b-fbd1edbd64f5",
|
||
|
"indicator--74c142de-a53b-4435-a7cf-becbdbbecb43",
|
||
|
"indicator--fd5dc351-2132-42ef-9771-3df03a8dce64",
|
||
|
"indicator--c14c299c-87d3-4e02-a883-9be4a8bb0f35",
|
||
|
"indicator--dfe3e007-7754-4d8d-ada4-37fa382dbdd7",
|
||
|
"indicator--e2ac7ac5-81f5-4dad-ae30-46402301cb1c",
|
||
|
"indicator--6b046a17-6aaf-4fef-a69d-dd9588393a3b",
|
||
|
"indicator--30c95835-0a40-43b4-b410-a351df508ae2",
|
||
|
"indicator--97cc727a-a2cc-4bfe-94cc-e99766432944",
|
||
|
"indicator--22920364-e74b-4063-91df-e3c440bd8e56",
|
||
|
"indicator--67b5c6c8-0f22-4f7b-b482-8582cd0702bb",
|
||
|
"indicator--d2071393-ed2d-4724-b27a-8863ce1d191d",
|
||
|
"indicator--3b6b5494-69f9-47c8-8c4e-27cd178b4dc1",
|
||
|
"indicator--bba2b615-54cd-4b16-8924-ddb1a395ace9",
|
||
|
"indicator--936684b2-3596-49d9-bfdb-14bef6208f3c",
|
||
|
"indicator--db5200f5-bb87-4f80-8ecb-764ac1a5256d",
|
||
|
"indicator--82a79c79-3f3b-4a2e-8a42-1e8e9ed876a0",
|
||
|
"indicator--4618ad53-998c-42ed-9264-59672106b42a",
|
||
|
"indicator--d9ae5fca-a6d4-447b-9d52-de2984e3c317",
|
||
|
"indicator--1f2ba7e1-106a-4ec1-ac28-277744349fca",
|
||
|
"indicator--3af25fe5-8a3c-4532-9924-f2ef7c2696d7",
|
||
|
"indicator--c40aeb2a-a095-4f95-8e84-97f9f723e7b0",
|
||
|
"indicator--5d2895d8-1864-495b-ae0c-12037b9c05b4",
|
||
|
"indicator--7301f0a3-95ec-4f85-8eb8-fbb16f116893",
|
||
|
"indicator--e5079dc6-b69f-4a33-82ae-6c3ab87487ac",
|
||
|
"indicator--e12cc8f6-8e11-4f00-9bfe-8eebe2825373",
|
||
|
"indicator--e4d281a8-ffa9-4734-8043-9a376daba3e8",
|
||
|
"indicator--386a9dab-c2d0-4ccf-aa21-0e7d3470f0f5",
|
||
|
"indicator--12a35b31-063a-49c8-a029-78912d0014e7",
|
||
|
"indicator--d95b406f-1444-4d1e-8c3c-205986a5514c",
|
||
|
"indicator--43617670-f98b-4e29-9f12-ea5b22d4a1bc",
|
||
|
"indicator--e1c7bf80-5ee7-4558-9ae5-5a91381ee41e",
|
||
|
"indicator--131a039b-1671-473a-bd01-2a827fd44539",
|
||
|
"indicator--cbfa1b14-2ac1-458b-88f9-1d672ff5ecd2",
|
||
|
"indicator--eb35ae44-2368-4eb3-8a50-244faa44d43f",
|
||
|
"indicator--1ddb1748-55af-448c-9e33-4e3e207472e1",
|
||
|
"indicator--ccbe189e-a397-4b74-82a2-72ea7ac39cdf",
|
||
|
"indicator--8547f9f0-7a0f-48d1-b764-4dfeb3653456",
|
||
|
"indicator--5baeab02-7983-468e-8cee-6d39d5b3f4bb",
|
||
|
"indicator--586a24e1-e31a-4d57-808c-c5d45bd9e09e",
|
||
|
"indicator--ee3dcfa5-433f-44b5-8a96-ecda2d12d48c",
|
||
|
"indicator--71379bd3-7a13-4fad-b529-9aa947358007",
|
||
|
"indicator--9efe3121-a178-44ec-b59f-cd4da3812db4",
|
||
|
"indicator--afdc317d-58ef-4c40-9a55-1f44250e20bf",
|
||
|
"indicator--4566281e-cc26-4344-894a-7d683fe3f2a8",
|
||
|
"indicator--374a6d58-c7df-49f5-b763-cca417c5f90c",
|
||
|
"indicator--37aa4549-b01d-473d-aa96-67b6e5650988",
|
||
|
"indicator--b6d25967-8393-431d-a88b-2fee8bc4c36c",
|
||
|
"indicator--9ea9771c-e825-4573-a56f-497a15e957c9",
|
||
|
"indicator--6a9f1f57-7471-4cc9-bcb5-eec1344e0df7",
|
||
|
"indicator--e4c9bb68-b9ec-4c6e-88c9-a4d242df1f69",
|
||
|
"indicator--5d4efd11-fb77-42e8-92db-a33b35b10ff2",
|
||
|
"indicator--472f681a-bcfb-41d7-a2b8-141870f2aa9b",
|
||
|
"indicator--f641caef-f28f-44b5-b5bd-4919d2e388fb",
|
||
|
"indicator--8e7df5c0-0336-4c2b-9c87-5f92cf9339f3",
|
||
|
"indicator--cbb29372-1bea-4796-9f08-13e560695562",
|
||
|
"indicator--2f932e2b-38d6-4935-8f5b-319736836426",
|
||
|
"indicator--b15c6365-ed78-4d29-8606-1024b8e0fda5",
|
||
|
"x-misp-attribute--552bf0e3-8268-4389-88fe-4590950d210b",
|
||
|
"x-misp-attribute--552bf0e3-877c-40d9-a4be-4066950d210b",
|
||
|
"x-misp-attribute--552bf0e3-8bc8-4a62-b2aa-4427950d210b",
|
||
|
"observed-data--552bf0e3-0fd0-451e-9927-49c6950d210b",
|
||
|
"file--552bf0e3-0fd0-451e-9927-49c6950d210b",
|
||
|
"artifact--552bf0e3-0fd0-451e-9927-49c6950d210b",
|
||
|
"x-misp-attribute--552bf27b-80f4-45b3-9b66-5cfb950d210b",
|
||
|
"x-misp-attribute--552bf27b-ce3c-48a5-b50a-5cfb950d210b",
|
||
|
"x-misp-attribute--552bf27b-7fcc-46a5-a0f9-5cfb950d210b",
|
||
|
"x-misp-attribute--552bf27b-dc74-4e5a-9297-5cfb950d210b",
|
||
|
"x-misp-attribute--552bf27b-a938-4bc8-b326-5cfb950d210b",
|
||
|
"indicator--552bf2c8-f500-4d84-bb27-f25f950d210b",
|
||
|
"indicator--552bf2c8-82b4-496a-b870-f25f950d210b",
|
||
|
"indicator--552bf2c8-e7ac-4bd6-b7b9-f25f950d210b",
|
||
|
"indicator--552bf2c8-5af4-46f0-a140-f25f950d210b",
|
||
|
"indicator--552bf2c8-dbf0-481c-9705-f25f950d210b",
|
||
|
"indicator--552bf2c8-583c-415d-b0d7-f25f950d210b",
|
||
|
"indicator--552bf2c8-2dfc-400f-b703-f25f950d210b",
|
||
|
"indicator--552bf2c9-b1d8-4fb6-9e71-f25f950d210b",
|
||
|
"indicator--552bf2c9-c95c-4be5-9a9f-f25f950d210b",
|
||
|
"indicator--552bf2c9-ac88-4d93-972b-f25f950d210b",
|
||
|
"indicator--552bf2c9-bca0-46c2-9a21-f25f950d210b",
|
||
|
"indicator--552bf2c9-7fa0-42cc-943c-f25f950d210b",
|
||
|
"indicator--552bf2c9-93a0-4552-8abf-f25f950d210b",
|
||
|
"indicator--552bf2c9-1734-4880-b8ba-f25f950d210b",
|
||
|
"indicator--552bf2c9-06e0-451f-b07b-f25f950d210b",
|
||
|
"indicator--552bf2c9-f53c-40d9-b912-f25f950d210b",
|
||
|
"indicator--552bf2c9-edc0-4437-a5b6-f25f950d210b",
|
||
|
"indicator--552bf2c9-5d20-429a-a609-f25f950d210b",
|
||
|
"indicator--552bf2ca-20a0-49c9-a249-f25f950d210b",
|
||
|
"indicator--56c659a8-ede8-4ab8-9785-c651950d210f",
|
||
|
"indicator--56c659aa-ed3c-447c-af57-c652950d210f",
|
||
|
"indicator--56c659ab-d924-433c-b3a7-4e54950d210f",
|
||
|
"indicator--56c659ad-570c-4cee-b5d5-c654950d210f",
|
||
|
"indicator--56c659af-b3c4-4206-8f02-c652950d210f",
|
||
|
"indicator--56c659b1-c9a4-46b5-ac41-c653950d210f",
|
||
|
"indicator--56c659b3-3dac-44aa-bbed-599c950d210f",
|
||
|
"indicator--56c659b5-1d84-42ee-8b72-c653950d210f",
|
||
|
"indicator--56c659b6-ab14-451a-908d-59a1950d210f",
|
||
|
"indicator--56c659b8-a1ac-4f8f-bb18-4be7950d210f",
|
||
|
"indicator--56c659b9-3fdc-4e51-8b2f-c654950d210f",
|
||
|
"indicator--56c659bb-ca80-433a-a682-48bf950d210f",
|
||
|
"indicator--56c659bd-bb9c-4e0e-8c4a-599f950d210f",
|
||
|
"indicator--56c659be-60e0-482e-af22-c652950d210f",
|
||
|
"indicator--56c659c0-5594-49aa-84a7-4f2b950d210f",
|
||
|
"indicator--56c659c1-ab20-48b9-8bb4-599c950d210f",
|
||
|
"indicator--56c659c3-fd2c-4375-a4eb-5f51950d210f",
|
||
|
"indicator--56c659c5-e5e4-4f3c-8a84-599c950d210f",
|
||
|
"indicator--56c659c7-f97c-4eb4-815d-c653950d210f",
|
||
|
"indicator--56c659c8-41c8-4612-8656-5ca1950d210f",
|
||
|
"indicator--56c659ca-32e8-4b6f-96e6-599c950d210f",
|
||
|
"indicator--56c659cc-b070-4209-aefb-c653950d210f",
|
||
|
"indicator--56c659cd-317c-473e-90b6-c650950d210f",
|
||
|
"indicator--56c659cf-9cf0-4d89-b7ad-59a2950d210f",
|
||
|
"indicator--56c659d1-2ef0-4f5c-b141-48a1950d210f",
|
||
|
"indicator--56c659d3-6d08-44d5-a133-c654950d210f",
|
||
|
"indicator--56c659d4-2f04-4885-9311-c653950d210f",
|
||
|
"indicator--56c659d6-f4a8-47f3-b47d-c651950d210f",
|
||
|
"indicator--56c659d8-fdd0-442e-89cd-c650950d210f",
|
||
|
"indicator--56c659d9-0a80-4e32-8377-c653950d210f",
|
||
|
"indicator--56c659db-7db4-49ce-8177-4088950d210f",
|
||
|
"indicator--56c659dd-c6a8-4cee-a36a-5f51950d210f",
|
||
|
"indicator--56c659de-4550-4c0a-b7c6-59a3950d210f",
|
||
|
"indicator--56c659e0-6428-405a-84a1-c654950d210f",
|
||
|
"indicator--56c659e2-8fd0-4291-8e45-4d3a950d210f",
|
||
|
"indicator--56c659e3-0cf0-437a-afb6-59a4950d210f",
|
||
|
"indicator--56c659e5-5eec-4ab0-90a7-49c7950d210f",
|
||
|
"indicator--56c659e7-67b4-4feb-b712-5f51950d210f",
|
||
|
"indicator--56c659ea-4608-4d0c-90a4-599c950d210f",
|
||
|
"indicator--56c659eb-c060-4aab-a99c-c654950d210f",
|
||
|
"indicator--56c659ed-f02c-4a6c-9c4d-5f51950d210f",
|
||
|
"indicator--56c659ef-961c-4203-8a8b-c652950d210f",
|
||
|
"indicator--56c659f1-e534-4ddb-9245-599d950d210f",
|
||
|
"indicator--56c659f2-b01c-4f53-8b2d-c650950d210f",
|
||
|
"indicator--56c659f4-7678-4a41-b48e-405c950d210f",
|
||
|
"indicator--56c659f6-23c4-4e68-a872-472c950d210f",
|
||
|
"indicator--56c659f7-bee8-411a-b73e-4d61950d210f",
|
||
|
"indicator--56c659f9-378c-46ca-a86c-59a1950d210f",
|
||
|
"indicator--56c659fb-3588-4dff-a369-4fb0950d210f",
|
||
|
"indicator--56c659fd-dbf0-477c-90ee-c652950d210f",
|
||
|
"indicator--56c659fe-95ac-49f6-90cb-59a2950d210f",
|
||
|
"indicator--56c65a00-10fc-49d6-86b6-4cd2950d210f",
|
||
|
"indicator--56c65a02-3cd8-44d4-b33f-599f950d210f",
|
||
|
"indicator--56c65a04-1624-40a6-92fa-599e950d210f",
|
||
|
"indicator--56c65a05-540c-4325-b98a-599d950d210f",
|
||
|
"indicator--56c65a07-86bc-47be-aa09-c652950d210f",
|
||
|
"indicator--56c65a09-a714-4042-ab21-48c2950d210f",
|
||
|
"indicator--56c65a0b-fba0-4ab9-83fa-c651950d210f",
|
||
|
"indicator--56c65a0d-65e8-4776-9996-59a1950d210f",
|
||
|
"indicator--56c65a0e-9474-494f-b3cb-59a3950d210f",
|
||
|
"indicator--56c65a10-bcb0-41ca-80e9-c652950d210f",
|
||
|
"indicator--56c65a12-09f8-4612-86b4-59a1950d210f",
|
||
|
"indicator--56c65a13-6eb4-449a-ba2d-599d950d210f",
|
||
|
"indicator--56c65a15-7bec-4416-b04d-c651950d210f",
|
||
|
"indicator--56c65a17-3120-4a85-94d7-59a4950d210f",
|
||
|
"indicator--56c65a19-fbd0-4051-9625-4156950d210f",
|
||
|
"indicator--56c65a1a-5c0c-4d7d-99d4-599e950d210f",
|
||
|
"indicator--56c65a1c-5b30-4cb2-9a98-5f51950d210f",
|
||
|
"indicator--56c65a1e-f84c-41db-8383-5ca1950d210f",
|
||
|
"indicator--56c65a21-20f8-4bd2-9013-59a2950d210f",
|
||
|
"indicator--56c65a22-bf08-42fe-8e05-c652950d210f",
|
||
|
"indicator--56c65a24-ad7c-43ec-9b52-4162950d210f",
|
||
|
"indicator--56c65a26-e8b8-4556-9a98-599e950d210f",
|
||
|
"indicator--56c65a28-6abc-4ff4-9bbd-59a4950d210f",
|
||
|
"indicator--56c65a29-f3b4-4179-b14d-59a1950d210f",
|
||
|
"indicator--56c65a2b-88f4-4e73-98a8-c650950d210f",
|
||
|
"indicator--56c65a2d-4d24-4e79-aa52-599c950d210f",
|
||
|
"indicator--56c65a30-9d28-46b8-82e8-59a4950d210f",
|
||
|
"indicator--56c65a32-bd1c-4c51-912f-599f950d210f",
|
||
|
"indicator--56c65a34-93ec-4c26-9df3-4077950d210f",
|
||
|
"indicator--56c65a36-2978-4033-beb0-59a0950d210f",
|
||
|
"indicator--56c65a38-fdcc-4791-9a0d-c654950d210f",
|
||
|
"indicator--56c65a39-98ec-45e3-a0d3-5ca1950d210f",
|
||
|
"indicator--56c65a3b-9ad4-4566-bc16-4022950d210f",
|
||
|
"indicator--56c65a3d-b5b0-4701-bb3e-599e950d210f",
|
||
|
"indicator--56c65a3e-c468-42a0-bd84-59a4950d210f",
|
||
|
"indicator--56c65a40-10fc-4f6c-a952-59a1950d210f",
|
||
|
"indicator--56c65a42-48e0-49b3-bbcc-c654950d210f",
|
||
|
"indicator--56c65a44-7408-45ad-979f-c652950d210f",
|
||
|
"indicator--56c65a47-f674-47d9-8143-c653950d210f",
|
||
|
"indicator--56c65a49-27ac-4d83-813a-5f51950d210f",
|
||
|
"indicator--56c65a4a-d784-4603-85a3-c653950d210f",
|
||
|
"indicator--56c65a4c-6ec8-4e75-924d-c652950d210f",
|
||
|
"indicator--56c65a4e-fbe8-474e-84a5-599d950d210f",
|
||
|
"indicator--56c65a50-a8b4-48ac-b36b-4917950d210f",
|
||
|
"indicator--56c65a51-1820-438d-af1f-4345950d210f",
|
||
|
"indicator--56c65a54-fad8-475a-9686-59a4950d210f",
|
||
|
"indicator--56c65a57-967c-466b-ac2b-5ca1950d210f",
|
||
|
"indicator--56c65a59-547c-4687-932c-59a1950d210f",
|
||
|
"indicator--56c65a5a-8dd8-43f4-ab52-c653950d210f",
|
||
|
"indicator--56c659a9-7a18-4d5a-a954-599c950d210f",
|
||
|
"indicator--56c659ab-8d44-46a6-ba09-491c950d210f",
|
||
|
"indicator--56c659ac-eebc-4361-b07f-599f950d210f",
|
||
|
"indicator--56c659ae-5eb0-4cab-947f-599d950d210f",
|
||
|
"indicator--56c659b0-2008-4ea0-869b-c650950d210f",
|
||
|
"indicator--56c659b2-2308-4157-ab12-59a3950d210f",
|
||
|
"indicator--56c659b4-eec4-4dac-8f03-5ca1950d210f",
|
||
|
"indicator--56c659b5-7c2c-4ad7-917c-4c9c950d210f",
|
||
|
"indicator--56c659b7-8b14-488f-a8d5-5f51950d210f",
|
||
|
"indicator--56c659b9-71cc-4a6e-9c0b-c651950d210f",
|
||
|
"indicator--56c659ba-6fd8-4d42-af75-4860950d210f",
|
||
|
"indicator--56c659bc-6280-4029-9aeb-4823950d210f",
|
||
|
"indicator--56c659bd-e3e0-4ae9-8cda-c651950d210f",
|
||
|
"indicator--56c659bf-48f4-4323-98be-c650950d210f",
|
||
|
"indicator--56c659c1-0514-4706-be20-c654950d210f",
|
||
|
"indicator--56c659c2-f67c-458f-8b64-59a2950d210f",
|
||
|
"indicator--56c659c4-335c-4deb-a049-59a4950d210f",
|
||
|
"indicator--56c659c6-2670-47ea-bc4e-c654950d210f",
|
||
|
"indicator--56c659c7-2df4-414d-98bd-4643950d210f",
|
||
|
"indicator--56c659c9-030c-431d-a10c-59a1950d210f",
|
||
|
"indicator--56c659cb-6f74-4835-be42-c652950d210f",
|
||
|
"indicator--56c659cc-118c-48e6-9d97-599f950d210f",
|
||
|
"indicator--56c659ce-c030-4468-964b-59a1950d210f",
|
||
|
"indicator--56c659d0-e138-4ca9-b418-c651950d210f",
|
||
|
"indicator--56c659d2-8b38-44aa-a26d-5ca1950d210f",
|
||
|
"indicator--56c659d3-1a14-47b8-bbfa-c652950d210f",
|
||
|
"indicator--56c659d5-bd98-4324-a950-5ca1950d210f",
|
||
|
"indicator--56c659d7-f638-4872-9b15-59a4950d210f",
|
||
|
"indicator--56c659d8-27d8-4aec-91c7-599f950d210f",
|
||
|
"indicator--56c659da-bfc8-4c9a-a197-599d950d210f",
|
||
|
"indicator--56c659dc-7d28-4897-a897-5ca1950d210f",
|
||
|
"indicator--56c659dd-f0e8-4e62-a1c2-59a2950d210f",
|
||
|
"indicator--56c659df-7670-4f93-8fb3-599c950d210f",
|
||
|
"indicator--56c659e1-735c-4036-a871-599e950d210f",
|
||
|
"indicator--56c659e3-8444-4d24-aa23-59a2950d210f",
|
||
|
"indicator--56c659e4-46d4-48d0-bd17-c650950d210f",
|
||
|
"indicator--56c659e6-b3b4-493c-b456-5ca1950d210f",
|
||
|
"indicator--56c659e8-b510-4ce6-b37e-4c16950d210f",
|
||
|
"indicator--56c659eb-e9d0-4f5f-8627-59a2950d210f",
|
||
|
"indicator--56c659ec-03a4-433a-bda0-c651950d210f",
|
||
|
"indicator--56c659ee-049c-4414-9cd3-c650950d210f",
|
||
|
"indicator--56c659f0-a690-40ff-8b53-c654950d210f",
|
||
|
"indicator--56c659f1-9d3c-4933-ae7e-40b1950d210f",
|
||
|
"indicator--56c659f3-9570-48c7-b376-599f950d210f",
|
||
|
"indicator--56c659f5-0d50-4f71-a08f-c650950d210f",
|
||
|
"indicator--56c659f7-1bec-4860-abac-599f950d210f",
|
||
|
"indicator--56c659f8-e010-4b50-ad22-c652950d210f",
|
||
|
"indicator--56c659fa-6024-4a8b-96dc-599f950d210f",
|
||
|
"indicator--56c659fc-ceb4-41f6-9863-599c950d210f",
|
||
|
"indicator--56c659fd-b4f4-4f3d-a756-59a1950d210f",
|
||
|
"indicator--56c659ff-5ecc-4f42-8a46-5ca1950d210f",
|
||
|
"indicator--56c65a01-df4c-43f0-bc96-599d950d210f",
|
||
|
"indicator--56c65a03-ab84-4fd2-9ec8-5f51950d210f",
|
||
|
"indicator--56c65a04-5528-4ccb-bc7f-c654950d210f",
|
||
|
"indicator--56c65a06-8aa4-48bf-8b48-c651950d210f",
|
||
|
"indicator--56c65a08-ebc0-4822-b33c-48b3950d210f",
|
||
|
"indicator--56c65a0a-81b8-4313-80d9-599e950d210f",
|
||
|
"indicator--56c65a0c-f8b0-45bc-8518-5f51950d210f",
|
||
|
"indicator--56c65a0e-6854-4bd5-b4b3-59a2950d210f",
|
||
|
"indicator--56c65a0f-d848-45bd-a41d-42a8950d210f",
|
||
|
"indicator--56c65a11-1180-4548-813f-599f950d210f",
|
||
|
"indicator--56c65a12-c5a8-4866-b5b9-599c950d210f",
|
||
|
"indicator--56c65a14-c208-41b0-94ae-4871950d210f",
|
||
|
"indicator--56c65a16-fbe4-4520-9cbc-5f51950d210f",
|
||
|
"indicator--56c65a18-a5e4-4a77-91e4-59a3950d210f",
|
||
|
"indicator--56c65a19-b778-4103-a45f-c652950d210f",
|
||
|
"indicator--56c65a1b-c994-4168-8537-59a4950d210f",
|
||
|
"indicator--56c65a1d-a638-45af-a18e-599f950d210f",
|
||
|
"indicator--56c65a1f-0698-4aca-aa06-59a3950d210f",
|
||
|
"indicator--56c65a22-75f8-41fb-be87-59a4950d210f",
|
||
|
"indicator--56c65a23-8808-4d06-94dc-4f0a950d210f",
|
||
|
"indicator--56c65a25-f738-4ef2-b36c-59a2950d210f",
|
||
|
"indicator--56c65a27-d2c0-4818-a1d4-5f51950d210f",
|
||
|
"indicator--56c65a28-7548-48f7-bebc-4f47950d210f",
|
||
|
"indicator--56c65a2a-afbc-4e0e-82ba-c652950d210f",
|
||
|
"indicator--56c65a2c-31c4-4d2a-8044-5ca1950d210f",
|
||
|
"indicator--56c65a2e-0910-4397-8e28-45cd950d210f",
|
||
|
"indicator--56c65a31-5738-4867-8716-5f51950d210f",
|
||
|
"indicator--56c65a33-4568-4c92-9c8d-4a6a950d210f",
|
||
|
"indicator--56c65a35-ee00-418b-9678-5ca1950d210f",
|
||
|
"indicator--56c65a37-9584-42be-88ec-c651950d210f",
|
||
|
"indicator--56c65a38-548c-4fca-91db-599e950d210f",
|
||
|
"indicator--56c65a3a-1970-47b8-a98c-46f7950d210f",
|
||
|
"indicator--56c65a3c-ad98-43d4-80db-c654950d210f",
|
||
|
"indicator--56c65a3d-d4c8-4318-b100-599d950d210f",
|
||
|
"indicator--56c65a3f-d49c-40c6-9c93-5ca1950d210f",
|
||
|
"indicator--56c65a41-5870-4d99-82c6-59a3950d210f",
|
||
|
"indicator--56c65a43-2118-43bc-94b7-c650950d210f",
|
||
|
"indicator--56c65a44-aad4-49d1-9451-59a1950d210f",
|
||
|
"indicator--56c65a47-0588-4697-ac28-c654950d210f",
|
||
|
"indicator--56c65a49-0260-43be-8fb5-49d2950d210f",
|
||
|
"indicator--56c65a4b-1d2c-41d1-ae2a-59a0950d210f",
|
||
|
"indicator--56c65a4d-f9e0-492e-8fad-599e950d210f",
|
||
|
"indicator--56c65a4f-97a8-41ce-bb98-c650950d210f",
|
||
|
"indicator--56c65a50-59f8-4c71-a11c-c651950d210f",
|
||
|
"indicator--56c65a52-55dc-481a-9343-59a2950d210f",
|
||
|
"indicator--56c65a55-814c-4360-8cda-59a0950d210f",
|
||
|
"indicator--56c65a57-dac0-4aab-8886-4091950d210f",
|
||
|
"indicator--56c65a59-cad0-4c10-bac5-c652950d210f",
|
||
|
"indicator--56c65a5b-a998-40f4-aef6-5ca1950d210f"
|
||
|
],
|
||
|
"labels": [
|
||
|
"Threat-Report",
|
||
|
"misp:tool=\"MISP-STIX-Converter\"",
|
||
|
"type:OSINT",
|
||
|
"misp-galaxy:threat-actor=\"APT 30\""
|
||
|
],
|
||
|
"object_marking_refs": [
|
||
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-attribute",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-attribute--552bf041-1750-404c-9766-71c6950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:48.000Z",
|
||
|
"modified": "2015-04-13T16:40:48.000Z",
|
||
|
"labels": [
|
||
|
"misp:type=\"text\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
],
|
||
|
"x_misp_category": "External analysis",
|
||
|
"x_misp_type": "text",
|
||
|
"x_misp_value": "APT30"
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--552bf07d-dd0c-475f-951e-4d19950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:48.000Z",
|
||
|
"modified": "2015-04-13T16:40:48.000Z",
|
||
|
"first_observed": "2015-04-13T16:40:48Z",
|
||
|
"last_observed": "2015-04-13T16:40:48Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--552bf07d-dd0c-475f-951e-4d19950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--552bf07d-dd0c-475f-951e-4d19950d210b",
|
||
|
"value": "https://www.fireeye.com/blog/threat-research/2015/04/apt_30_and_the_mecha.html"
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--552bf07d-bd90-4757-8215-47a0950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:48.000Z",
|
||
|
"modified": "2015-04-13T16:40:48.000Z",
|
||
|
"first_observed": "2015-04-13T16:40:48Z",
|
||
|
"last_observed": "2015-04-13T16:40:48Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--552bf07d-bd90-4757-8215-47a0950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--552bf07d-bd90-4757-8215-47a0950d210b",
|
||
|
"value": "https://www2.fireeye.com/WEB-2015RPTAPT30.html"
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--552bf07d-cff8-4be3-9180-486f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:48.000Z",
|
||
|
"modified": "2015-04-13T16:40:48.000Z",
|
||
|
"first_observed": "2015-04-13T16:40:48Z",
|
||
|
"last_observed": "2015-04-13T16:40:48Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--552bf07d-cff8-4be3-9180-486f950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--552bf07d-cff8-4be3-9180-486f950d210b",
|
||
|
"value": "https://github.com/fireeye/iocs/tree/master/APT30"
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--552bf07d-10a4-4ebe-92a7-4ee5950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:48.000Z",
|
||
|
"modified": "2015-04-13T16:40:48.000Z",
|
||
|
"first_observed": "2015-04-13T16:40:48Z",
|
||
|
"last_observed": "2015-04-13T16:40:48Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--552bf07d-10a4-4ebe-92a7-4ee5950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--552bf07d-10a4-4ebe-92a7-4ee5950d210b",
|
||
|
"value": "https://github.com/fireeye/iocs/blob/master/APT30/eeffc8e8-caee-4fe1-8ace-7a994b5d893f.ioc"
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--552bf0c9-57b8-442b-bda6-df04950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:48.000Z",
|
||
|
"modified": "2015-04-13T16:40:48.000Z",
|
||
|
"first_observed": "2015-04-13T16:40:48Z",
|
||
|
"last_observed": "2015-04-13T16:40:48Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"url--552bf0c9-57b8-442b-bda6-df04950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"link\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "url",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "url--552bf0c9-57b8-442b-bda6-df04950d210b",
|
||
|
"value": "https://www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--d78eec96-0185-4c56-97d9-11104beeb076",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '002e27938c9390a942cf4b4c319f1768']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--b6afda3e-d6e0-4f92-b46a-a119dcbd53c1",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '062fe1336459a851bd0ea271bb2afe35']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--e773bd6c-877e-4cc5-968e-a8b63bd3a7bb",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '09010917cd00dc8ddd21aeb066877aa2']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--7c3d1db7-ff5b-410c-8d0b-8d4fa1419f78",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '0fcb4ffe2eb391421ec876286c9ddb6c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--f56e7a0f-a26e-4b57-b2ef-5c2ec4a54b19",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '12e1dcd71693b6f875a98aefbd4ec91a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--6062a265-5ac0-496f-b097-055b700706e4",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '1f64afa4069036513604cbf651e53e0d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--0273bd10-b589-4a15-a78f-948d67827e18",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '29395c528693b69233c1c12bef8a64b3']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--bea9c5e0-aceb-4c4c-8fab-62c52c084690",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '37e568bed4ae057e548439dc811b4d3a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--8dfad9eb-40fa-4115-9b1a-671f042fdd60",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '40f47850c5ebf768fd1303a32310c73e']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--c38ffcbd-0eac-46ef-977a-bfd1efc7790a",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '414854a9b40f7757ed7bfc6a1b01250f']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--4142845b-2590-4898-856e-a69f40342c3c",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '428fc53c84e921ac518e54a5d055f54a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--10c68a77-a05b-4bca-b205-abb84de8081c",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '4c10a1efed25b828e4785d9526507fbc']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--2af96154-9264-4033-a638-a8fe0c2e9c85",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '4c6b21e98ca03e0ef0910e07cef45dac']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5b2706a8-22ed-46fd-ae2f-7fd2834a88d4",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '4e5c116d874bbaaf7d6dadec7be926f5']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--a9343e22-00c9-4c45-ada3-54064f8db706",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '550459b31d8dabaad1923565b7e50242']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--0fd15c22-04c0-4836-93ee-b60ba6fa24ff",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '59e055cee87d8faf6f701293e5830b5a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--6a88b146-51c1-417c-b7d6-31aa9a055d6a",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '5ae51243647b7d03a5cb20dccbc0d561']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--87df9cc9-179a-4b5e-b101-7f03dcf4484b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '5b590798da581c894d8a87964763aa8b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--6501be09-28d6-4615-a130-2edd9a08bfd3",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '62e5d5e244059dc02654f497401615cc']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--31252426-57fe-40c1-a9cd-7c86450f8034",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '65232a8d555d7c4f7bc0d7c5da08c593']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--ca1c571d-226b-4453-a83f-7fe1f123c270",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '853a20f5fc6d16202828df132c41a061']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--31d5abed-df4e-4ece-bc2f-4556d45628ac",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '95bfe940816a89f168cacbc340eb4a5f']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--3d0c5639-32c0-4e96-941c-edc0795a8106",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '9c0cad1560cd0ffe2aa570621ef7d0a0']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--e03f8b41-33fb-4133-91bc-4dfeb4368c65",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'a5ca2c5b4d8c0c1bc93570ed13dcab1a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--05b4fec2-fed7-4914-af2a-4e6b32eb8754",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'a9e8e402a7ee459e4896d0ba83543684']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--54a6a09a-3a63-4e4f-8186-f43356f57508",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'acb2ba25ef225d820ac8a5923b746cb8']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--bd99867b-9479-4361-a0d1-3a2c6564b34a",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'b2138a57f723326eda5a26d2dec56851']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--0293b222-6042-44bb-8729-5dc6aa4bbd15",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'b590c15499448639c2748ff9e0d214b2']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--69b25f3a-9f6b-469f-b5c2-1e0b8eee4f17",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'b7b282c9e3eca888cbdb5a856e07e8bd']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--6bb01a4e-f2c8-4fdf-a5e7-88748b9ebd83",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'ba80e3ad617e6998f3c4b003397db840']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--3aef674c-95e4-4b0d-862b-18c7f59233f2",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'c95cd106c1fecbd500f4b97566d8dc96']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--8907b71a-c027-4623-8dc2-e072f03abe12",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'd38e02eac7e3b299b46ff2607dd0f288']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--c4b8a99e-8055-4d65-bc9e-27b0ef281ad5",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'd8e68db503f4155ed1aeba95d1f5e3e4']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--131e5c5c-b052-4d70-82cf-990bb9fe7d8e",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'd93026b1c6c828d0905a0868e4cbc55f']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--1fc70258-05bd-4dbe-b62e-be1f53478a44",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'db3e5c2f2ce07c2d3fa38d6fc1ceb854']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--20adc990-2a82-4496-b677-a437ae886730",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'df1799845b51300b03072c6569ab96d5']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--4c0222e2-e62f-4146-ac5f-3ceb224d78a6",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'e26a2afaaddfb09d9ede505c6f1cc4e3']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--f11ba2f8-a09a-4197-ad40-8e0b797a11b8",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'e3ae3cbc024e39121c87d73e87bb2210']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--55956280-ee18-4d5d-8c00-468306380aed",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'e62a63307deead5c9fcca6b9a2d51fb0']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--a305c015-262d-4826-8996-a52acb4e8a70",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'ec3905d8e100644ae96ad9b51d701a7f']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--8707d7fd-3354-42f9-93d5-54df1294a7e9",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'ed151602dea80f39173c2f7b1dd58e06']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--d83b36f6-24a3-4486-bb45-4af415ee7baa",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '07bb30a2a42423e54f70af61e20edca3']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--28b639a5-0c2a-4c4c-8a03-378edd9d7fd5",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '08f299c2d8cfe1ae64d71dfb15fe6e8d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--05ee3963-4d52-4188-8728-983d6dc7f883",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '139158fe63a0e46639cc20b754a7c38c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--1c9045ad-2de8-4e08-9fc8-2d9f92326784",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '4a41c422e9eb29f5d722700b060bca11']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--c3598b9c-f61a-4167-8507-9f7c45fe216c",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '646e2cfa6aa457013769e2b89454acf7']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--d49eed1f-b083-44d3-89aa-967792b4fee2",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '948a53450e1d7dc7535ea52ca7d5bddd']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--7f140885-232a-46ad-82ae-d6bc196693ef",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'a2e0203e665976a13cdffb4416917250']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--63ff1c8f-9fa3-4996-a1f2-22bc4e412838",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'ad044dc0e2e1eaa19cf031dbcff9d770']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--18d19857-0402-4db1-803e-6f87715eb651",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'af1c1c5d8031c4942630b6a10270d8f4']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--dfcc0a93-9da2-4f42-8ff4-92efee7b6135",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'c6e388ee5269239070e5ad7336d0bf59']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--4fde69c0-2f59-4d2c-9e41-72df0bf9e8f5",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'c9484902c7f1756b26244d6d644c9dd5']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--8469af12-ebf7-4d40-ae3c-aea135de1639",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'cc06815e8d8c0083263651877decb44b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--4ddeb872-8cec-456d-8a76-e9c11336a38f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'dc95b0e8ecb22ad607fc912219a640c1']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--98fd3c4b-a7a0-4071-b66b-8a29366e687b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'f97ec83d68362e4dff4756ed1101fea8']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5056d0e4-9c3b-4a7f-83c6-5ddeaa387a40",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '572c9cd4388699347c0b2edb7c6f5e25']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--a6b7f14d-5c10-4c52-b1e2-cbd108db8a40",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '6e689351d94389ac6fdc341b859c7f6f']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--357f9f9c-9eb6-46ba-95bd-284cfaf8570d",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'b5546842e08950bc17a438d785b5a019']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--e98007aa-823d-43d1-84d8-97fb49c61abb",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '010ca5e1de980f5f45f9d82027e1606c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--bb6c8943-0ddc-465a-8c2d-86dcaaf0e367",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '0570066887f44bc6c82ebe033cad0451']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--c53fa78b-dbaf-4559-b5a1-292011664330",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '0a4fdacde69a566f53833500a0d53a35']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--4ae510d5-7c29-4621-af1f-83af1057ea68",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '1133fe501fa4691b7f52e53706c80df9']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--03c02ca4-d68d-4631-80ca-7e8e11c93a28",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '2a2b22aa94a59575ca1dea8dd489d2eb']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--c0468558-9d28-49d8-bc30-09dbe197bc9d",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '2d75de9e1bb58fe61fd971bb720a49b7']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--7b627c1d-419c-4a72-bc32-0851addbd95c",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '40601cf29c1bbfe0942d1ac914d8ce27']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--dcc7724b-4e41-4b77-865d-cb7d7a097f1a",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '44992068aab25daa1decae93b25060af']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--0571e49b-6fae-45a0-8480-8664490675ce",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '49ee6365618b2a5819d36a48131e280c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--68bede53-3e0d-40d5-9249-287590c9b762",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '4b8531d294c020d5f856b58a5a23b238']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--88f55291-dee4-4e56-a75d-a04bda057814",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '4ee00c46da143ba70f7e6270960823be']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--2412edb1-aa0d-4525-aaa6-4fddb7027924",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '5ddbd80720997f7a8ff53396e8e8b920']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--7a81ed18-75a9-4cee-846d-1c31808f8f4f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '65b984b198359003a5a3b8aaf91af234']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--c6361694-846c-4e0a-9f45-cadc7ea4b120",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '6791254f160e98ac1f46b4d506b695ad']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--a7be6d63-e08c-4a20-a27c-e1702422f8b4",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '7b111e1054b6b929de071c4f48386415']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--bac5d0b3-93fb-4342-8ba9-f4d4dec30ecd",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '8022a4136a6200580962da94f3cdb905']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--aa906ab7-81ba-4255-b470-98d325cb7d18",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '8214b0e18fbcd5db6b008884e7685f2c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--97428e9d-a591-466f-83e7-a732f030f4d2",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '8da9373fc5b8320fb04d6202ca1eb6f1']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--eb54b9fe-7685-4bbd-87b0-070cab14b4e2",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '9c31551cd8087072d08c9004c0ce76c5']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--0dc25b87-0597-49c5-a8c4-d48da5b1803b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '9cbcc68c9b913a5fda445fbc7558c658']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--2f2cb495-a8d3-4052-8714-755e427276ac",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '9e3ef98abcfffcf3205261e09e06cba6']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--e0965d8b-696b-4fb8-bd76-4e7b8428ba2b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'ab153afbfbcfc8c67cf055b0111f0003']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--ce813283-5cab-4fa1-bfad-c4a4e3fad5aa",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'c90f798ccfbedb4bbe6c4568e0f05b68']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--ef3ac4d0-4962-428b-b712-49968019533e",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'cb1087b2add3245418257d648ac9e9a7']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--dfccf54a-6f3b-4900-bfec-663bb631bb63",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'cd1aa1c8cdf4a4ba8dc4309ce30ec263']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--0109decc-ea4f-438a-b755-8f7241a83fbc",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'd55514d8b97999453621a8614090cbf0']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--ce538644-8547-4bdf-a8d8-1200860e5b57",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'd8248be5ed0f2f8f9787be331a18c36b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--cfbe7713-417c-48a8-bf65-4b72253e27bb",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'da92b863095ee730aef6c6c541ab7697']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--f0301dd8-21fd-4939-a931-1ff5f62f5314",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'f4a648a2382c51ca367be87d05628cff']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--8237ad91-a88d-4ade-adb2-cf5fae669acf",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'ff00682b0b8c8d13b797d722d9048ea2']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--6199a0e2-17d3-4f96-84d4-0ff2af175b5b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '0cdc35ffc222a714ee138b57d29c8749']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--87fcb68c-763e-4e68-8d49-1ea375ad81c4",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '10aa368899774463a355f1397e6e5151']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--fdcb2861-bec3-4b41-a7ae-eb90bca2a26f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '3166baffecccd0934bdc657c01491094']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--6a011ba5-2c4c-410e-9716-66400f065d57",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'd28d67b4397b7ce1508d10bf3054ffe5']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--7fd49b98-676f-4f37-9943-2ce8d1ac03c1",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '310a4a62ba3765cbf8e8bbb9f324c503']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--a5cd1211-26ba-44d9-ab97-fec34bb2c273",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '23813c5bf6a7af322b40bd2fd94bd42e']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--2f00f3e3-b10d-40c1-bbad-a6e0543abc57",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '6508ee27afe517aa846f9447faef59b8']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--2fd6a441-d94f-4e16-b36a-d3fad5bfc610",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '78c4fcee5b7fdbabf3b9941225d95166']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56eb62ef-a96c-419a-89ec-ca343638a5c5",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '8c713117af4ca6bbd69292a78069e75b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--ab267aec-c92e-4c05-b13c-3821a8abea53",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '8c9db773d387bf9b3f2b6a532e4c937c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--391b7556-1b08-4438-a3ab-020c04e38e3d",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'ebf42e8b532e2f3b19046b028b5dfb23']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--341d5f02-f6ac-4fb8-8267-9a19f775a7a1",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'fe211c7a081c1dac46e3935f7c614549']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--26d0919e-1569-4a6d-b225-667fec15a780",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '6f931c15789d234881be8ae8ccfe33f4']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--b226154a-a4ae-4dcb-9859-755b161fefad",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '1dbb584e19499e26398fb0a7aa2a01b7']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--d8bba4f5-1c0d-499c-a20f-521050a788e3",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '37aee58655f5859e60ece6b249107b87']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--8233f30b-c226-485a-9b5b-d2c17aaf0d48",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '4154548e1f8e9e7eb39d48a4cd75bcd1']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--d23624d8-0b48-4bde-ae63-409a7cca4b1e",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '71f25831681c19ea17b2f2a84a41bbfb']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--610f314f-ecc3-4127-bdf5-0a63a7d44e90",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '8ff473bedbcc77df2c49a91167b1abeb']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--6d3a84b8-eb31-43c8-aa93-10b39f8ea551",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'a813eba27b2166620bd75029cc1f04b0']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--b5b4ac61-9c62-4928-a5b3-3bd0a3c4711c",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'b4ae0004094b37a40978ef06f311a75e']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--0898f001-d016-418b-8329-bafb20027c91",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'c4dec6d69d8035d481e4f2c86f580e81']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--9e4ebd41-0f30-483c-87e1-e15ce30b9ff1",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '021e134c48cd9ce9eaf6a1c105197e5d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--da16e640-f48f-4be8-bed7-ec984cda339e",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '5eaf3deaaf2efac92c73ada82a651afe']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--81cb441a-120e-40e5-975c-8375eb83ae17",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '7c307ca84f922674049c0c43ca09bec1']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--cc115655-3d5c-4df3-8076-257ca1c00933",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'b8617302180d331e197cc0433fc5023d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--3f625a02-cc3c-4059-a4e3-d3eeb2818db2",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'e6289e7f9f26be692cbe6f335a706014']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--8eee525f-5cab-49c6-bbba-aa096940ccb0",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '95bb314fe8fdbe4df31a6d23b0d378bc']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--2d4a26fd-6a18-4a2d-b2a2-0f06472f057f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'd97aace631d6f089595f5ce177f54a39']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--3c5d9909-5182-424b-9452-90f553d1de56",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '0c4fcef3b583d0ffffc2b14b9297d3a4']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--7279f6ab-fb3d-4fdc-bc88-15cb5086f39a",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '1612b392d6145bfb0c43f8a48d78c75f']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--2bf4eafd-28db-4ea8-8d8b-fbd1edbd64f5",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '168d207d0599ed0bb5bcfca3b3e7a9d3']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--74c142de-a53b-4435-a7cf-becbdbbecb43",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '1e6ee89fddcf23132ee12802337add61']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--fd5dc351-2132-42ef-9771-3df03a8dce64",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '42ccbccf48fe1cb63a81c9f094465ae2']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--c14c299c-87d3-4e02-a883-9be4a8bb0f35",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '4f00235b5208c128440c5693b7b85366']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--dfe3e007-7754-4d8d-ada4-37fa382dbdd7",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '53f1358cbc298da96ec56e9a08851b4b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--e2ac7ac5-81f5-4dad-ae30-46402301cb1c",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '5dd625af837e164dd2084b1f44a45808']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--6b046a17-6aaf-4fef-a69d-dd9588393a3b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '9e27277ef0b6b25ccb2bb79dbf7554a7']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--30c95835-0a40-43b4-b410-a351df508ae2",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'b249bcf741e076f11b6c9553f6104f16']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--97cc727a-a2cc-4bfe-94cc-e99766432944",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'bbb3cb030686748b1244276e15085153']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--22920364-e74b-4063-91df-e3c440bd8e56",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'c2acc9fc9b0f050ec2103d3ba9cb11c0']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--67b5c6c8-0f22-4f7b-b482-8582cd0702bb",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'e39756bc99ee1b05e5ee92a1cdd5faf4']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--d2071393-ed2d-4724-b27a-8863ce1d191d",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'f18be055fae2490221c926e2ad55ab11']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--3b6b5494-69f9-47c8-8c4e-27cd178b4dc1",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '01d2383152795e4ec98b874cd585da30']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--bba2b615-54cd-4b16-8924-ddb1a395ace9",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '08b54f9b2b3fb19e388d390d278f3e44']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--936684b2-3596-49d9-bfdb-14bef6208f3c",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '11876eaadeac34527c28f4ddfadd1e8d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--db5200f5-bb87-4f80-8ecb-764ac1a5256d",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '28f2396a1e306d05519b97a3a46ee925']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--82a79c79-3f3b-4a2e-8a42-1e8e9ed876a0",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '80e39b656f9a77503fa3e6b7dd123ee3']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--4618ad53-998c-42ed-9264-59672106b42a",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '8e2eee994cd1922e82dea58705cc9631']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--d9ae5fca-a6d4-447b-9d52-de2984e3c317",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'b6c08fd8a9f32a17c3550d3b2d302dc5']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--1f2ba7e1-106a-4ec1-ac28-277744349fca",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'c4c068200ad8033a0f0cf28507b51842']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--3af25fe5-8a3c-4532-9924-f2ef7c2696d7",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'd591dc11ecffdfaf1626c1055417a50d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--c40aeb2a-a095-4f95-8e84-97f9f723e7b0",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'e9e514f8b1561011b4f034263c33a890']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5d2895d8-1864-495b-ae0c-12037b9c05b4",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '1b81b80ff0edf57da2440456d516cc90']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--7301f0a3-95ec-4f85-8eb8-fbb16f116893",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '5d4f2871fd1818527ebd65b0ff930a77']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--e5079dc6-b69f-4a33-82ae-6c3ab87487ac",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '74b87086887e0c67ffb035069b195ac7']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--e12cc8f6-8e11-4f00-9bfe-8eebe2825373",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'af670600dee2bf13a68eb962cce8f122']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--e4d281a8-ffa9-4734-8043-9a376daba3e8",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'b5a343d11e1f7340de99118ce9fc1bbb']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--386a9dab-c2d0-4ccf-aa21-0e7d3470f0f5",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'fad06d7b4450c4631302264486611ec3']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--12a35b31-063a-49c8-a029-78912d0014e7",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '49aca228674651cba776be727bdb7e60']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--d95b406f-1444-4d1e-8c3c-205986a5514c",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '5c7a6b3d1b85fad17333e02608844703']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--43617670-f98b-4e29-9f12-ea5b22d4a1bc",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '649fa64127fef1305ba141dd58fb83a5']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--e1c7bf80-5ee7-4558-9ae5-5a91381ee41e",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '9982fd829c0048c8f89620691316763a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--131a039b-1671-473a-bd01-2a827fd44539",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'baff5262ae01a9217b10fcd5dad9d1d5']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--cbfa1b14-2ac1-458b-88f9-1d672ff5ecd2",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '592381dfa14e61bce089cd00c9b118ae']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--eb35ae44-2368-4eb3-8a50-244faa44d43f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'b493ad490b691b8732983dcca8ea8b6f']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--1ddb1748-55af-448c-9e33-4e3e207472e1",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'b83d43e3b2f0b0a0e5cc047ef258c2cb']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--ccbe189e-a397-4b74-82a2-72ea7ac39cdf",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '35dfb55f419f476a54241f46e624a1a4']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--8547f9f0-7a0f-48d1-b764-4dfeb3653456",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '4fffcbdd4804f6952e0daf2d67507946']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5baeab02-7983-468e-8cee-6d39d5b3f4bb",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '597805832d45d522c4882f21db800ecf']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--586a24e1-e31a-4d57-808c-c5d45bd9e09e",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '6bd422d56e85024e67cc12207e330984']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--ee3dcfa5-433f-44b5-8a96-ecda2d12d48c",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '82e13f3031130bd9d567c46a9c71ef2b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--71379bd3-7a13-4fad-b529-9aa947358007",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'b79d87ff6de654130da95c73f66c15fa']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--9efe3121-a178-44ec-b59f-cd4da3812db4",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '44b98f22155f420af4528d17bb4a5ec8']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--afdc317d-58ef-4c40-9a55-1f44250e20bf",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = '6ba315275561d99b1eb8fc614ff0b2b3']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--4566281e-cc26-4344-894a-7d683fe3f2a8",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'ee1b23c97f809151805792f8778ead74']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--374a6d58-c7df-49f5-b763-cca417c5f90c",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[file:hashes.MD5 = 'bf8616bbed6d804a3dea09b230c2ab0c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"md5\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--37aa4549-b01d-473d-aa96-67b6e5650988",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[domain-name:value = 'www.iapfreecenter.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"hostname\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--b6d25967-8393-431d-a88b-2fee8bc4c36c",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[domain-name:value = 'www.appsecnic.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"hostname\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--9ea9771c-e825-4573-a56f-497a15e957c9",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[domain-name:value = 'www.newpresses.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"hostname\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--6a9f1f57-7471-4cc9-bcb5-eec1344e0df7",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:21.000Z",
|
||
|
"modified": "2015-04-13T16:46:21.000Z",
|
||
|
"pattern": "[domain-name:value = 'km153.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--e4c9bb68-b9ec-4c6e-88c9-a4d242df1f69",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[domain-name:value = 'www.bigfixtools.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"hostname\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--5d4efd11-fb77-42e8-92db-a33b35b10ff2",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[domain-name:value = 'www.bluesixnine.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"hostname\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--472f681a-bcfb-41d7-a2b8-141870f2aa9b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:21.000Z",
|
||
|
"modified": "2015-04-13T16:46:21.000Z",
|
||
|
"pattern": "[domain-name:value = 'km-nyc.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"domain\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--f641caef-f28f-44b5-b5bd-4919d2e388fb",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[network-traffic:extensions.'http-request-ext'.request_header.'User-Agent' = 'SJZJ (compatible; MSIE 6.0; Win32)']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"user-agent\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--8e7df5c0-0336-4c2b-9c87-5f92cf9339f3",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[domain-name:value = 'www.autoapec.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"hostname\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--cbb29372-1bea-4796-9f08-13e560695562",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[domain-name:value = 'www.creammemory.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"hostname\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--2f932e2b-38d6-4935-8f5b-319736836426",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[domain-name:value = 'www.cbkjdxf.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"hostname\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--b15c6365-ed78-4d29-8606-1024b8e0fda5",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:02.000Z",
|
||
|
"modified": "2015-04-13T16:40:02.000Z",
|
||
|
"description": "OpenIOC import",
|
||
|
"pattern": "[domain-name:value = 'www.lisword.com']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:40:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Network activity"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"hostname\"",
|
||
|
"misp:category=\"Network activity\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-attribute",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-attribute--552bf0e3-8268-4389-88fe-4590950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:45.000Z",
|
||
|
"modified": "2015-04-13T16:46:45.000Z",
|
||
|
"labels": [
|
||
|
"misp:type=\"comment\"",
|
||
|
"misp:category=\"Other\""
|
||
|
],
|
||
|
"x_misp_category": "Other",
|
||
|
"x_misp_comment": "OpenIOC import",
|
||
|
"x_misp_type": "comment",
|
||
|
"x_misp_value": "uuid: eeffc8e8-caee-4fe1-8ace-7a994b5d893f"
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-attribute",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-attribute--552bf0e3-877c-40d9-a4be-4066950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:45.000Z",
|
||
|
"modified": "2015-04-13T16:46:45.000Z",
|
||
|
"labels": [
|
||
|
"misp:type=\"comment\"",
|
||
|
"misp:category=\"Other\""
|
||
|
],
|
||
|
"x_misp_category": "Other",
|
||
|
"x_misp_comment": "OpenIOC import",
|
||
|
"x_misp_type": "comment",
|
||
|
"x_misp_value": "date: 2015-04-10T14:51:19Z"
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-attribute",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-attribute--552bf0e3-8bc8-4a62-b2aa-4427950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:45.000Z",
|
||
|
"modified": "2015-04-13T16:46:45.000Z",
|
||
|
"labels": [
|
||
|
"misp:type=\"comment\"",
|
||
|
"misp:category=\"Other\""
|
||
|
],
|
||
|
"x_misp_category": "Other",
|
||
|
"x_misp_comment": "OpenIOC import",
|
||
|
"x_misp_type": "comment",
|
||
|
"x_misp_value": "long_info: This IOC contains indicators detailed in the \"APT30 and the Mechanics of a Long-Running Cyber Espionage Operation\" report that can be read here: https://www.fireeye.com/blog/threat-research/2015/04/apt_30_and_the_mecha.html This IOC contains indicators for the BACKSPACE, NETEAGLE, SHIPSHAPE, SPACESHIP, and FLASHFLOOD malware families that are attributed to APT30."
|
||
|
},
|
||
|
{
|
||
|
"type": "observed-data",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "observed-data--552bf0e3-0fd0-451e-9927-49c6950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:40:48.000Z",
|
||
|
"modified": "2015-04-13T16:40:48.000Z",
|
||
|
"first_observed": "2015-04-13T16:40:48Z",
|
||
|
"last_observed": "2015-04-13T16:40:48Z",
|
||
|
"number_observed": 1,
|
||
|
"object_refs": [
|
||
|
"file--552bf0e3-0fd0-451e-9927-49c6950d210b",
|
||
|
"artifact--552bf0e3-0fd0-451e-9927-49c6950d210b"
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"attachment\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "file",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "file--552bf0e3-0fd0-451e-9927-49c6950d210b",
|
||
|
"name": "eeffc8e8-caee-4fe1-8ace-7a994b5d893f.ioc",
|
||
|
"content_ref": "artifact--552bf0e3-0fd0-451e-9927-49c6950d210b"
|
||
|
},
|
||
|
{
|
||
|
"type": "artifact",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "artifact--552bf0e3-0fd0-451e-9927-49c6950d210b",
|
||
|
"payload_bin": "PD94bWwgdmVyc2lvbj0nMS4wJyBlbmNvZGluZz0ndXRmLTgnPz4KPCEtLQogICAgVElUTEU6ICAgICAgICAgIGVlZmZjOGU4LWNhZWUtNGZlMS04YWNlLTdhOTk0YjVkODkzZi5pb2MKICAgIFZFUlNJT046ICAgICAgICAxLjAKICAgIERFU0NSSVBUSU9OOiAgICBPcGVuSU9DIGZpbGUKICAgIExJQ0VOU0U6ICAgICAgICBDb3B5cmlnaHQgMjAxNSBGaXJlRXllIENvcnBvcmF0aW9uLiAgTGljZW5zZWQgdW5kZXIgdGhlIEFwYWNoZSAyLjAgbGljZW5zZS4KICAgIEZpcmVFeWUgbGljZW5zZXMgdGhpcyBmaWxlIHRvIHlvdSB1bmRlciB0aGUgQXBhY2hlIExpY2Vuc2UsIFZlcnNpb24KICAgIDIuMCAodGhlICJMaWNlbnNlIik7IHlvdSBtYXkgbm90IHVzZSB0aGlzIGZpbGUgZXhjZXB0IGluIGNvbXBsaWFuY2Ugd2l0aCB0aGUKICAgIExpY2Vuc2UuICBZb3UgbWF5IG9idGFpbiBhIGNvcHkgb2YgdGhlIExpY2Vuc2UgYXQ6CiAgICAgICAgICAgIGh0dHA6Ly93d3cuYXBhY2hlLm9yZy9saWNlbnNlcy9MSUNFTlNFLTIuMAogICAgVW5sZXNzIHJlcXVpcmVkIGJ5IGFwcGxpY2FibGUgbGF3IG9yIGFncmVlZCB0byBpbiB3cml0aW5nLCBzb2Z0d2FyZQogICAgZGlzdHJpYnV0ZWQgdW5kZXIgdGhlIExpY2Vuc2UgaXMgZGlzdHJpYnV0ZWQgb24gYW4gIkFTIElTIiBCQVNJUywKICAgIFdJVEhPVVQgV0FSUkFOVElFUyBPUiBDT05ESVRJT05TIE9GIEFOWSBLSU5ELCBlaXRoZXIgZXhwcmVzcyBvcgogICAgaW1wbGllZC4gIFNlZSB0aGUgTGljZW5zZSBmb3IgdGhlIHNwZWNpZmljIGxhbmd1YWdlIGdvdmVybmluZwogICAgcGVybWlzc2lvbnMgYW5kIGxpbWl0YXRpb25zIHVuZGVyIHRoZSBMaWNlbnNlLgotLT4KPGlvYyB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4bWxuczp4c2Q9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxucz0iaHR0cDovL3NjaGVtYXMubWFuZGlhbnQuY29tLzIwMTAvaW9jIiBpZD0iZWVmZmM4ZTgtY2FlZS00ZmUxLThhY2UtN2E5OTRiNWQ4OTNmIiBsYXN0LW1vZGlmaWVkPSIyMDE1LTA0LTEyVDE1OjE5OjI4WiI+CiAgPHNob3J0X2Rlc2NyaXB0aW9uPkFQVDMwIChSRVBPUlQpPC9zaG9ydF9kZXNjcmlwdGlvbj4KICA8ZGVzY3JpcHRpb24+VGhpcyBJT0MgY29udGFpbnMgaW5kaWNhdG9ycyBkZXRhaWxlZCBpbiB0aGUgIkFQVDMwIGFuZCB0aGUgTWVjaGFuaWNzIG9mIGEgTG9uZy1SdW5uaW5nIEN5YmVyIEVzcGlvbmFnZSBPcGVyYXRpb24iIHJlcG9ydCB0aGF0IGNhbiBiZSByZWFkIGhlcmU6IGh0dHBzOi8vd3d3LmZpcmVleWUuY29tL2Jsb2cvdGhyZWF0LXJlc2VhcmNoLzIwMTUvMDQvYXB0XzMwX2FuZF90aGVfbWVjaGEuaHRtbCAgVGhpcyBJT0MgY29udGFpbnMgaW5kaWNhdG9ycyBmb3IgdGhlIEJBQ0tTUEFDRSwgTkVURUFHTEUsIFNISVBTSEFQRSwgU1BBQ0VTSElQLCBhbmQgRkxBU0hGTE9PRCBtYWx3YXJlIGZhbWlsaWVzIHRoYXQgYXJlIGF0dHJpYnV0ZWQgdG8gQVBUMzAuPC9kZXNjcmlwdGlvbj4KICA8a2V5d29yZHMvPgogIDxhdXRob3JlZF9ieT5GaXJlRXllPC9hdXRob3JlZF9ieT4KICA8YXV0aG9yZWRfZGF0ZT4yMDE1LTA0LTEwVDE0OjUxOjE5WjwvYXV0aG9yZWRfZGF0ZT4KICA8bGlua3M+CiAgICA8bGluayByZWw9InRocmVhdGdyb3VwIj5BUFQzMDwvbGluaz4KICAgIDxsaW5rIHJlbD0idGhyZWF0Y2F0ZWdvcnkiPkFQVDwvbGluaz4KICAgIDxsaW5rIHJlbD0ibGljZW5zZSI+QXBhY2hlIDIuMDwvbGluaz4KICA8L2xpbmtzPgogIDxkZWZpbml0aW9uPgogICAgPEluZGljYXRvciBpZD0iZTNhN2U5NDQtNWE4ZS00NDljLTkwYmItMTU2MTRlMTE4Y2QyIiBvcGVyYXRvcj0iT1IiPgogICAgICA8SW5kaWNhdG9ySXRlbSBpZD0iZDc4ZWVjOTYtMDE4NS00YzU2LTk3ZDktMTExMDRiZWViMDc2IiBjb25kaXRpb249ImlzIj4KICAgICAgICA8Q29udGV4dCBkb2N1bWVudD0iRmlsZUl0ZW0iIHNlYXJjaD0iRmlsZUl0ZW0vTWQ1c3VtIiB0eXBlPSJtaXIiLz4KICAgICAgICA8Q29udGVudCB0eXBlPSJtZDUiPjAwMmUyNzkzOGM5MzkwYTk0MmNmNGI0YzMxOWYxNzY4PC9Db250ZW50PgogICAgICA8L0luZGljYXRvckl0ZW0+CiAgICAgIDxJbmRpY2F0b3JJdGVtIGlkPSJiNmFmZGEzZS1kNmUwLTRmOTItYjQ2YS1hMTE5ZGNiZDUzYzEiIGNvbmRpdGlvbj0iaXMiPgogICAgICAgIDxDb250ZXh0IGRvY3VtZW50PSJGaWxlSXRlbSIgc2VhcmNoPSJGaWxlSXRlbS9NZDVzdW0iIHR5cGU9Im1pciIvPgogICAgICAgIDxDb250ZW50IHR5cGU9Im1kNSI+MDYyZmUxMzM2NDU5YTg1MWJkMGVhMjcxYmIyYWZlMzU8L0NvbnRlbnQ+CiAgICAgIDwvSW5kaWNhdG9ySXRlbT4KICAgICAgPEluZGljYXRvckl0ZW0gaWQ9ImU3NzNiZDZjLTg3N2UtNGNjNS05NjhlLWE4YjYzYmQzYTdiYiIgY29uZGl0aW9uPSJpcyI+CiAgICAgICAgPENvbnRleHQgZG9jdW1lbnQ9IkZpbGVJdGVtIiBzZWFyY2g9IkZpbGVJdGVtL01kNXN1bSIgdHlwZT0ibWlyIi8+CiAgICAgICAgPENvbnRlbnQgdHlwZT0ibWQ1Ij4wOTAxMDkxN2NkMDBkYzhkZGQyMWFlYjA2Njg3N2FhMjwvQ29udGVudD4KICAgICAgPC9JbmRpY2F0b3JJdGVtPgogICAgICA8SW5kaWNhdG9ySXRlbSBpZD0iN2MzZDFkYjctZmY1Yi00MTBjLThkMGItOGQ0ZmExNDE5Zjc4IiBjb25kaXRpb249ImlzIj4KICAgICAgICA8Q29udGV4dCBkb2N1bWVudD0iRmlsZUl0ZW0iIHNlYXJjaD0iRmlsZUl0ZW0vTWQ1c3VtIiB0eXBlPSJtaXIiLz4KICAgICAgICA8Q29udGVudCB0eXBlPSJtZDUiPjBmY2I0ZmZlMmViMzkxNDIxZWM4NzYyODZjOWRkYjZjPC9Db250ZW50PgogICAgICA8L0luZGljYXRvckl0ZW0+CiAgICAgIDxJbmRpY2F0b3JJdGVtIGlkPSJmNTZlN2EwZi1hMjZlLTRiNTctYjJlZi01YzJlYzRhNTRiMTkiIGNvbmRpdGlvbj0iaXMiPgogICAgICAgIDxDb250ZXh0IGRvY3VtZW50PSJGaWxlSXRlbSIgc2VhcmNoPSJGaWxlSXRlbS9NZDVzdW0iIHR5cGU9Im1pciIvPgogICAgICAgIDxDb250ZW50IHR5cGU9Im1kNSI+MTJlMWR
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-attribute",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-attribute--552bf27b-80f4-45b3-9b66-5cfb950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:44:43.000Z",
|
||
|
"modified": "2015-04-13T16:44:43.000Z",
|
||
|
"labels": [
|
||
|
"misp:type=\"text\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
],
|
||
|
"x_misp_category": "External analysis",
|
||
|
"x_misp_comment": "Tools names from FireEye",
|
||
|
"x_misp_type": "text",
|
||
|
"x_misp_value": "BACKSPACE"
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-attribute",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-attribute--552bf27b-ce3c-48a5-b50a-5cfb950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:44:43.000Z",
|
||
|
"modified": "2015-04-13T16:44:43.000Z",
|
||
|
"labels": [
|
||
|
"misp:type=\"text\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
],
|
||
|
"x_misp_category": "External analysis",
|
||
|
"x_misp_comment": "Tools names from FireEye",
|
||
|
"x_misp_type": "text",
|
||
|
"x_misp_value": "NETEAGLE"
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-attribute",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-attribute--552bf27b-7fcc-46a5-a0f9-5cfb950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:44:43.000Z",
|
||
|
"modified": "2015-04-13T16:44:43.000Z",
|
||
|
"labels": [
|
||
|
"misp:type=\"text\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
],
|
||
|
"x_misp_category": "External analysis",
|
||
|
"x_misp_comment": "Tools names from FireEye",
|
||
|
"x_misp_type": "text",
|
||
|
"x_misp_value": "SHIPSHAPE"
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-attribute",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-attribute--552bf27b-dc74-4e5a-9297-5cfb950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:44:43.000Z",
|
||
|
"modified": "2015-04-13T16:44:43.000Z",
|
||
|
"labels": [
|
||
|
"misp:type=\"text\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
],
|
||
|
"x_misp_category": "External analysis",
|
||
|
"x_misp_comment": "Tools names from FireEye",
|
||
|
"x_misp_type": "text",
|
||
|
"x_misp_value": "SPACESHIP"
|
||
|
},
|
||
|
{
|
||
|
"type": "x-misp-attribute",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "x-misp-attribute--552bf27b-a938-4bc8-b326-5cfb950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:44:43.000Z",
|
||
|
"modified": "2015-04-13T16:44:43.000Z",
|
||
|
"labels": [
|
||
|
"misp:type=\"text\"",
|
||
|
"misp:category=\"External analysis\""
|
||
|
],
|
||
|
"x_misp_category": "External analysis",
|
||
|
"x_misp_comment": "Tools names from FireEye",
|
||
|
"x_misp_type": "text",
|
||
|
"x_misp_value": "FLASHFLOOD"
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--552bf2c8-f500-4d84-bb27-f25f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:00.000Z",
|
||
|
"modified": "2015-04-13T16:46:00.000Z",
|
||
|
"pattern": "[mutex:name = 'MicrosoftZj']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"mutex\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--552bf2c8-82b4-496a-b870-f25f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:00.000Z",
|
||
|
"modified": "2015-04-13T16:46:00.000Z",
|
||
|
"pattern": "[mutex:name = 'MicrosoftExit']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"mutex\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--552bf2c8-e7ac-4bd6-b7b9-f25f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:00.000Z",
|
||
|
"modified": "2015-04-13T16:46:00.000Z",
|
||
|
"pattern": "[mutex:name = 'MicrosoftHaveAck']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"mutex\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--552bf2c8-5af4-46f0-a140-f25f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:00.000Z",
|
||
|
"modified": "2015-04-13T16:46:00.000Z",
|
||
|
"pattern": "[mutex:name = 'MicrosoftHaveExit']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"mutex\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--552bf2c8-dbf0-481c-9705-f25f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:00.000Z",
|
||
|
"modified": "2015-04-13T16:46:00.000Z",
|
||
|
"pattern": "[mutex:name = 'MicrosoftZjLnk']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"mutex\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--552bf2c8-583c-415d-b0d7-f25f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:00.000Z",
|
||
|
"modified": "2015-04-13T16:46:00.000Z",
|
||
|
"pattern": "[mutex:name = 'MicrosoftExitLnk']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"mutex\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--552bf2c8-2dfc-400f-b703-f25f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:00.000Z",
|
||
|
"modified": "2015-04-13T16:46:00.000Z",
|
||
|
"pattern": "[mutex:name = 'MicrosoftHaveLnkAck']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"mutex\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--552bf2c9-b1d8-4fb6-9e71-f25f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:01.000Z",
|
||
|
"modified": "2015-04-13T16:46:01.000Z",
|
||
|
"pattern": "[mutex:name = 'MicrosofthaveLnkExit']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"mutex\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--552bf2c9-c95c-4be5-9a9f-f25f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:01.000Z",
|
||
|
"modified": "2015-04-13T16:46:01.000Z",
|
||
|
"pattern": "[mutex:name = 'MicrosoftShipZJ']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"mutex\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--552bf2c9-ac88-4d93-972b-f25f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:01.000Z",
|
||
|
"modified": "2015-04-13T16:46:01.000Z",
|
||
|
"pattern": "[mutex:name = 'MicrosoftShipExit']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"mutex\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--552bf2c9-bca0-46c2-9a21-f25f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:01.000Z",
|
||
|
"modified": "2015-04-13T16:46:01.000Z",
|
||
|
"pattern": "[mutex:name = 'MicrosoftShipHaveAck']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"mutex\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--552bf2c9-7fa0-42cc-943c-f25f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:01.000Z",
|
||
|
"modified": "2015-04-13T16:46:01.000Z",
|
||
|
"pattern": "[mutex:name = 'MicrosoftShipHaveExit']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"mutex\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--552bf2c9-93a0-4552-8abf-f25f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:01.000Z",
|
||
|
"modified": "2015-04-13T16:46:01.000Z",
|
||
|
"pattern": "[mutex:name = 'MicrosoftShipTrZJ']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"mutex\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--552bf2c9-1734-4880-b8ba-f25f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:01.000Z",
|
||
|
"modified": "2015-04-13T16:46:01.000Z",
|
||
|
"pattern": "[mutex:name = 'MicrosoftShipTrExit']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"mutex\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--552bf2c9-06e0-451f-b07b-f25f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:01.000Z",
|
||
|
"modified": "2015-04-13T16:46:01.000Z",
|
||
|
"pattern": "[mutex:name = 'MicrosoftShipTrHaveExit']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"mutex\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--552bf2c9-f53c-40d9-b912-f25f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:01.000Z",
|
||
|
"modified": "2015-04-13T16:46:01.000Z",
|
||
|
"pattern": "[mutex:name = 'MicrosoftFlashZJ']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"mutex\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--552bf2c9-edc0-4437-a5b6-f25f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:01.000Z",
|
||
|
"modified": "2015-04-13T16:46:01.000Z",
|
||
|
"pattern": "[mutex:name = 'MicrosoftFlashExit']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"mutex\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--552bf2c9-5d20-429a-a609-f25f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:01.000Z",
|
||
|
"modified": "2015-04-13T16:46:01.000Z",
|
||
|
"pattern": "[mutex:name = 'MicrosoftFlashHaveAck']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"mutex\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--552bf2ca-20a0-49c9-a249-f25f950d210b",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2015-04-13T16:46:02.000Z",
|
||
|
"modified": "2015-04-13T16:46:02.000Z",
|
||
|
"pattern": "[mutex:name = 'MicrosoftFlashHaveExit']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2015-04-13T16:46:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Artifacts dropped"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"mutex\"",
|
||
|
"misp:category=\"Artifacts dropped\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659a8-ede8-4ab8-9785-c651950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:16.000Z",
|
||
|
"modified": "2016-02-18T23:54:16.000Z",
|
||
|
"description": "Automatically added (via 002e27938c9390a942cf4b4c319f1768)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'b836d5d21c605a019936f5da1b78e03a01846ea6']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:16Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659aa-ed3c-447c-af57-c652950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:18.000Z",
|
||
|
"modified": "2016-02-18T23:54:18.000Z",
|
||
|
"description": "Automatically added (via 062fe1336459a851bd0ea271bb2afe35)",
|
||
|
"pattern": "[file:hashes.SHA1 = '572caa09f2b600daa941c60db1fc410bef8d1771']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:18Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659ab-d924-433c-b3a7-4e54950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:19.000Z",
|
||
|
"modified": "2016-02-18T23:54:19.000Z",
|
||
|
"description": "Automatically added (via 09010917cd00dc8ddd21aeb066877aa2)",
|
||
|
"pattern": "[file:hashes.SHA1 = '01f23e42898bf69528d766fada8b4551197c137e']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:19Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659ad-570c-4cee-b5d5-c654950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:21.000Z",
|
||
|
"modified": "2016-02-18T23:54:21.000Z",
|
||
|
"description": "Automatically added (via 0fcb4ffe2eb391421ec876286c9ddb6c)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'dd99fa8c41a0bb91035e247602777cc52ec51939']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659af-b3c4-4206-8f02-c652950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:23.000Z",
|
||
|
"modified": "2016-02-18T23:54:23.000Z",
|
||
|
"description": "Automatically added (via 12e1dcd71693b6f875a98aefbd4ec91a)",
|
||
|
"pattern": "[file:hashes.SHA1 = '74c6c0bac8cf2d069efc6c6408d959f48d439af5']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:23Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659b1-c9a4-46b5-ac41-c653950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:25.000Z",
|
||
|
"modified": "2016-02-18T23:54:25.000Z",
|
||
|
"description": "Automatically added (via 1f64afa4069036513604cbf651e53e0d)",
|
||
|
"pattern": "[file:hashes.SHA1 = '4350e906d590dca5fcc90ed3215467524e0a4e3d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:25Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659b3-3dac-44aa-bbed-599c950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:27.000Z",
|
||
|
"modified": "2016-02-18T23:54:27.000Z",
|
||
|
"description": "Automatically added (via 29395c528693b69233c1c12bef8a64b3)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'd8509bdab6f801fbdf5ea3aa1b9bd45a12fafc38']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:27Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659b5-1d84-42ee-8b72-c653950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:29.000Z",
|
||
|
"modified": "2016-02-18T23:54:29.000Z",
|
||
|
"description": "Automatically added (via 37e568bed4ae057e548439dc811b4d3a)",
|
||
|
"pattern": "[file:hashes.SHA1 = '066d06ac08b48d3382d46bbeda6ad411b6d6130e']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:29Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659b6-ab14-451a-908d-59a1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:30.000Z",
|
||
|
"modified": "2016-02-18T23:54:30.000Z",
|
||
|
"description": "Automatically added (via 40f47850c5ebf768fd1303a32310c73e)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'cca54959dbb683bcad869e281d41c24ce6cb1404']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:30Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659b8-a1ac-4f8f-bb18-4be7950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:32.000Z",
|
||
|
"modified": "2016-02-18T23:54:32.000Z",
|
||
|
"description": "Automatically added (via 414854a9b40f7757ed7bfc6a1b01250f)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'df48a7cd6c4a8f78f5847bad3776abc0458499a6']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:32Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659b9-3fdc-4e51-8b2f-c654950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:33.000Z",
|
||
|
"modified": "2016-02-18T23:54:33.000Z",
|
||
|
"description": "Automatically added (via 428fc53c84e921ac518e54a5d055f54a)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'e26588113417bf68cb0c479638c9cd99a48e846d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:33Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659bb-ca80-433a-a682-48bf950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:35.000Z",
|
||
|
"modified": "2016-02-18T23:54:35.000Z",
|
||
|
"description": "Automatically added (via 4c10a1efed25b828e4785d9526507fbc)",
|
||
|
"pattern": "[file:hashes.SHA1 = '51ae5dd089fe2c186098f8028003f1e03ba29e0c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:35Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659bd-bb9c-4e0e-8c4a-599f950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:37.000Z",
|
||
|
"modified": "2016-02-18T23:54:37.000Z",
|
||
|
"description": "Automatically added (via 4c6b21e98ca03e0ef0910e07cef45dac)",
|
||
|
"pattern": "[file:hashes.SHA1 = '8cea83299af8f5ec6c278247e649c9d91d4cf3bc']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:37Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659be-60e0-482e-af22-c652950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:38.000Z",
|
||
|
"modified": "2016-02-18T23:54:38.000Z",
|
||
|
"description": "Automatically added (via 4e5c116d874bbaaf7d6dadec7be926f5)",
|
||
|
"pattern": "[file:hashes.SHA1 = '856f89ec47bc356d91e2dba7d61844e096a0c670']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:38Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659c0-5594-49aa-84a7-4f2b950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:40.000Z",
|
||
|
"modified": "2016-02-18T23:54:40.000Z",
|
||
|
"description": "Automatically added (via 550459b31d8dabaad1923565b7e50242)",
|
||
|
"pattern": "[file:hashes.SHA1 = '12b2c3b8114e042e90f984d55e84af21cc4a38ce']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:40Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659c1-ab20-48b9-8bb4-599c950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:41.000Z",
|
||
|
"modified": "2016-02-18T23:54:41.000Z",
|
||
|
"description": "Automatically added (via 59e055cee87d8faf6f701293e5830b5a)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'd0320144e65c9af0052f8dee0419e8deed91b61b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659c3-fd2c-4375-a4eb-5f51950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:43.000Z",
|
||
|
"modified": "2016-02-18T23:54:43.000Z",
|
||
|
"description": "Automatically added (via 5ae51243647b7d03a5cb20dccbc0d561)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'b1c37632e604a5d1f430c9351f87eb9e8ea911c0']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:43Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659c5-e5e4-4f3c-8a84-599c950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:45.000Z",
|
||
|
"modified": "2016-02-18T23:54:45.000Z",
|
||
|
"description": "Automatically added (via 5b590798da581c894d8a87964763aa8b)",
|
||
|
"pattern": "[file:hashes.SHA1 = '5c40fffe73be5dc8a9f046b63edbcb3956dd9031']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:45Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659c7-f97c-4eb4-815d-c653950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:47.000Z",
|
||
|
"modified": "2016-02-18T23:54:47.000Z",
|
||
|
"description": "Automatically added (via 62e5d5e244059dc02654f497401615cc)",
|
||
|
"pattern": "[file:hashes.SHA1 = '16e539b85799dd9d0fecac02de47653ef790e187']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:47Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659c8-41c8-4612-8656-5ca1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:48.000Z",
|
||
|
"modified": "2016-02-18T23:54:48.000Z",
|
||
|
"description": "Automatically added (via 65232a8d555d7c4f7bc0d7c5da08c593)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'c3248fa667b21765106aca2ec0b5f46bfaf997af']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659ca-32e8-4b6f-96e6-599c950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:50.000Z",
|
||
|
"modified": "2016-02-18T23:54:50.000Z",
|
||
|
"description": "Automatically added (via 853a20f5fc6d16202828df132c41a061)",
|
||
|
"pattern": "[file:hashes.SHA1 = '2415f661046fdbe3eea8cd276b6f13354019b1a6']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:50Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659cc-b070-4209-aefb-c653950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:52.000Z",
|
||
|
"modified": "2016-02-18T23:54:52.000Z",
|
||
|
"description": "Automatically added (via 95bfe940816a89f168cacbc340eb4a5f)",
|
||
|
"pattern": "[file:hashes.SHA1 = '53ccc33153c8f323c5251f1700c687859d7408c1']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:52Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659cd-317c-473e-90b6-c650950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:53.000Z",
|
||
|
"modified": "2016-02-18T23:54:53.000Z",
|
||
|
"description": "Automatically added (via 9c0cad1560cd0ffe2aa570621ef7d0a0)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'e814914079af78d9f1b71000fee3c29d31d9b586']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:53Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659cf-9cf0-4d89-b7ad-59a2950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:55.000Z",
|
||
|
"modified": "2016-02-18T23:54:55.000Z",
|
||
|
"description": "Automatically added (via a5ca2c5b4d8c0c1bc93570ed13dcab1a)",
|
||
|
"pattern": "[file:hashes.SHA1 = '9865e24aadb4480bd3c182e50e0e53316546fc01']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:55Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659d1-2ef0-4f5c-b141-48a1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:57.000Z",
|
||
|
"modified": "2016-02-18T23:54:57.000Z",
|
||
|
"description": "Automatically added (via a9e8e402a7ee459e4896d0ba83543684)",
|
||
|
"pattern": "[file:hashes.SHA1 = '216868edbcdd067bd2a9cce4f132d33ba9c0d818']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:57Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659d3-6d08-44d5-a133-c654950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:59.000Z",
|
||
|
"modified": "2016-02-18T23:54:59.000Z",
|
||
|
"description": "Automatically added (via acb2ba25ef225d820ac8a5923b746cb8)",
|
||
|
"pattern": "[file:hashes.SHA1 = '81dc84fc147fe2afb24259aa3ba1169a8dbdc883']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:59Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659d4-2f04-4885-9311-c653950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:00.000Z",
|
||
|
"modified": "2016-02-18T23:55:00.000Z",
|
||
|
"description": "Automatically added (via b2138a57f723326eda5a26d2dec56851)",
|
||
|
"pattern": "[file:hashes.SHA1 = '355436a16d7a2eba8a284b63bb252a8bb1644751']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659d6-f4a8-47f3-b47d-c651950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:02.000Z",
|
||
|
"modified": "2016-02-18T23:55:02.000Z",
|
||
|
"description": "Automatically added (via b590c15499448639c2748ff9e0d214b2)",
|
||
|
"pattern": "[file:hashes.SHA1 = '0263de239ccef669c47399856d481e3361408e90']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659d8-fdd0-442e-89cd-c650950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:04.000Z",
|
||
|
"modified": "2016-02-18T23:55:04.000Z",
|
||
|
"description": "Automatically added (via b7b282c9e3eca888cbdb5a856e07e8bd)",
|
||
|
"pattern": "[file:hashes.SHA1 = '70034e017c2622dd9b3ff965c56cf4ffb980dcdd']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:04Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659d9-0a80-4e32-8377-c653950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:05.000Z",
|
||
|
"modified": "2016-02-18T23:55:05.000Z",
|
||
|
"description": "Automatically added (via ba80e3ad617e6998f3c4b003397db840)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'b6fe32af3c0ab600003a6569acc1b6506a436d60']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659db-7db4-49ce-8177-4088950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:07.000Z",
|
||
|
"modified": "2016-02-18T23:55:07.000Z",
|
||
|
"description": "Automatically added (via c95cd106c1fecbd500f4b97566d8dc96)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'b02b5720ff0f73f01eb2ba029a58b645c987c4bc']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:07Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659dd-c6a8-4cee-a36a-5f51950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:09.000Z",
|
||
|
"modified": "2016-02-18T23:55:09.000Z",
|
||
|
"description": "Automatically added (via d38e02eac7e3b299b46ff2607dd0f288)",
|
||
|
"pattern": "[file:hashes.SHA1 = '959573261ca1d7e5ddcd19447475b2139ca24fe1']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:09Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659de-4550-4c0a-b7c6-59a3950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:10.000Z",
|
||
|
"modified": "2016-02-18T23:55:10.000Z",
|
||
|
"description": "Automatically added (via d8e68db503f4155ed1aeba95d1f5e3e4)",
|
||
|
"pattern": "[file:hashes.SHA1 = '8b4271167655787be1988574446125eae5043aca']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:10Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659e0-6428-405a-84a1-c654950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:12.000Z",
|
||
|
"modified": "2016-02-18T23:55:12.000Z",
|
||
|
"description": "Automatically added (via d93026b1c6c828d0905a0868e4cbc55f)",
|
||
|
"pattern": "[file:hashes.SHA1 = '0c0f53f7386609720269c552057c6d0f0f2a9ec5']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:12Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659e2-8fd0-4291-8e45-4d3a950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:14.000Z",
|
||
|
"modified": "2016-02-18T23:55:14.000Z",
|
||
|
"description": "Automatically added (via db3e5c2f2ce07c2d3fa38d6fc1ceb854)",
|
||
|
"pattern": "[file:hashes.SHA1 = '2a4c8752f3e7fde0139421b8d5713b29c720685d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:14Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659e3-0cf0-437a-afb6-59a4950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:15.000Z",
|
||
|
"modified": "2016-02-18T23:55:15.000Z",
|
||
|
"description": "Automatically added (via df1799845b51300b03072c6569ab96d5)",
|
||
|
"pattern": "[file:hashes.SHA1 = '9404794c6521bbbcc4afe9bd87d9a26beff904e6']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:15Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659e5-5eec-4ab0-90a7-49c7950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:17.000Z",
|
||
|
"modified": "2016-02-18T23:55:17.000Z",
|
||
|
"description": "Automatically added (via e26a2afaaddfb09d9ede505c6f1cc4e3)",
|
||
|
"pattern": "[file:hashes.SHA1 = '7a8576804a2bbe4e5d05d1718f90b6a4332df027']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:17Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659e7-67b4-4feb-b712-5f51950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:19.000Z",
|
||
|
"modified": "2016-02-18T23:55:19.000Z",
|
||
|
"description": "Automatically added (via e3ae3cbc024e39121c87d73e87bb2210)",
|
||
|
"pattern": "[file:hashes.SHA1 = '442bf8690401a2087a340ce4a48151c39101652f']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:19Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659ea-4608-4d0c-90a4-599c950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:22.000Z",
|
||
|
"modified": "2016-02-18T23:55:22.000Z",
|
||
|
"description": "Automatically added (via e62a63307deead5c9fcca6b9a2d51fb0)",
|
||
|
"pattern": "[file:hashes.SHA1 = '591db6f211ba40199e0c09aa6860be97cc3728e9']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659eb-c060-4aab-a99c-c654950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:23.000Z",
|
||
|
"modified": "2016-02-18T23:55:23.000Z",
|
||
|
"description": "Automatically added (via ec3905d8e100644ae96ad9b51d701a7f)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'b1332cd547969b65271b7a85a04d029f3ec4f448']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:23Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659ed-f02c-4a6c-9c4d-5f51950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:25.000Z",
|
||
|
"modified": "2016-02-18T23:55:25.000Z",
|
||
|
"description": "Automatically added (via ed151602dea80f39173c2f7b1dd58e06)",
|
||
|
"pattern": "[file:hashes.SHA1 = '6a30613ad65a5218b993d3f06ff64e72b7d86e0a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:25Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659ef-961c-4203-8a8b-c652950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:27.000Z",
|
||
|
"modified": "2016-02-18T23:55:27.000Z",
|
||
|
"description": "Automatically added (via 07bb30a2a42423e54f70af61e20edca3)",
|
||
|
"pattern": "[file:hashes.SHA1 = '5b770fe5824f963fbc4192042c06253989f6940c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:27Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659f1-e534-4ddb-9245-599d950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:29.000Z",
|
||
|
"modified": "2016-02-18T23:55:29.000Z",
|
||
|
"description": "Automatically added (via 08f299c2d8cfe1ae64d71dfb15fe6e8d)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'b3ed48e91bfbee64756457911fe44ac425d7e0e6']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:29Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659f2-b01c-4f53-8b2d-c650950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:30.000Z",
|
||
|
"modified": "2016-02-18T23:55:30.000Z",
|
||
|
"description": "Automatically added (via 139158fe63a0e46639cc20b754a7c38c)",
|
||
|
"pattern": "[file:hashes.SHA1 = '2326537acbe1ab28b1da05912f221d00c76d99d2']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:30Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659f4-7678-4a41-b48e-405c950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:32.000Z",
|
||
|
"modified": "2016-02-18T23:55:32.000Z",
|
||
|
"description": "Automatically added (via 4a41c422e9eb29f5d722700b060bca11)",
|
||
|
"pattern": "[file:hashes.SHA1 = '5257ba027abe3a2cf397bfcae87b13ab9c1e9019']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:32Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659f6-23c4-4e68-a872-472c950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:34.000Z",
|
||
|
"modified": "2016-02-18T23:55:34.000Z",
|
||
|
"description": "Automatically added (via 646e2cfa6aa457013769e2b89454acf7)",
|
||
|
"pattern": "[file:hashes.SHA1 = '8f1e57ae3c93e19836d9a9d54c4d579f8d48077b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:34Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659f7-bee8-411a-b73e-4d61950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:35.000Z",
|
||
|
"modified": "2016-02-18T23:55:35.000Z",
|
||
|
"description": "Automatically added (via 948a53450e1d7dc7535ea52ca7d5bddd)",
|
||
|
"pattern": "[file:hashes.SHA1 = '9b9cba15a84f102ff4935eb33e8e550b7679b07c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:35Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659f9-378c-46ca-a86c-59a1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:37.000Z",
|
||
|
"modified": "2016-02-18T23:55:37.000Z",
|
||
|
"description": "Automatically added (via ad044dc0e2e1eaa19cf031dbcff9d770)",
|
||
|
"pattern": "[file:hashes.SHA1 = '5bf583a3a0d52b034df4f0541d4cdb9bda8d6b6a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:37Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659fb-3588-4dff-a369-4fb0950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:39.000Z",
|
||
|
"modified": "2016-02-18T23:55:39.000Z",
|
||
|
"description": "Automatically added (via af1c1c5d8031c4942630b6a10270d8f4)",
|
||
|
"pattern": "[file:hashes.SHA1 = '9f49aa1090fa478b9857e15695be4a89f8f3e594']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:39Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659fd-dbf0-477c-90ee-c652950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:41.000Z",
|
||
|
"modified": "2016-02-18T23:55:41.000Z",
|
||
|
"description": "Automatically added (via c6e388ee5269239070e5ad7336d0bf59)",
|
||
|
"pattern": "[file:hashes.SHA1 = '396116cfb51cee090822913942f6ccf81856c2fb']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659fe-95ac-49f6-90cb-59a2950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:42.000Z",
|
||
|
"modified": "2016-02-18T23:55:42.000Z",
|
||
|
"description": "Automatically added (via c9484902c7f1756b26244d6d644c9dd5)",
|
||
|
"pattern": "[file:hashes.SHA1 = '263c8f8e8cf664e6d4850e70f705f8a494d967a3']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:42Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a00-10fc-49d6-86b6-4cd2950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:44.000Z",
|
||
|
"modified": "2016-02-18T23:55:44.000Z",
|
||
|
"description": "Automatically added (via cc06815e8d8c0083263651877decb44b)",
|
||
|
"pattern": "[file:hashes.SHA1 = '7c9a13f1fdd6452fb6d62067f958bfc5fec1d24e']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:44Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a02-3cd8-44d4-b33f-599f950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:46.000Z",
|
||
|
"modified": "2016-02-18T23:55:46.000Z",
|
||
|
"description": "Automatically added (via dc95b0e8ecb22ad607fc912219a640c1)",
|
||
|
"pattern": "[file:hashes.SHA1 = '5a5af7e88baf7c6973ea4009f9fb7dc400cb7709']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:46Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a04-1624-40a6-92fa-599e950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:48.000Z",
|
||
|
"modified": "2016-02-18T23:55:48.000Z",
|
||
|
"description": "Automatically added (via f97ec83d68362e4dff4756ed1101fea8)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'fef9c3b4b35c226501f7d60816bb00331a904d5b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a05-540c-4325-b98a-599d950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:49.000Z",
|
||
|
"modified": "2016-02-18T23:55:49.000Z",
|
||
|
"description": "Automatically added (via 572c9cd4388699347c0b2edb7c6f5e25)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'aa44328a9dcf8f0ddc3eda5876d7ac52668d3f54']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:49Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a07-86bc-47be-aa09-c652950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:51.000Z",
|
||
|
"modified": "2016-02-18T23:55:51.000Z",
|
||
|
"description": "Automatically added (via 6e689351d94389ac6fdc341b859c7f6f)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'b90ac3e58ed472829e2562023e6e892d2d61ac44']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:51Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a09-a714-4042-ab21-48c2950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:53.000Z",
|
||
|
"modified": "2016-02-18T23:55:53.000Z",
|
||
|
"description": "Automatically added (via b5546842e08950bc17a438d785b5a019)",
|
||
|
"pattern": "[file:hashes.SHA1 = '973afd5d36d68d956c0dd5e5cca8187227461ba9']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:53Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a0b-fba0-4ab9-83fa-c651950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:55.000Z",
|
||
|
"modified": "2016-02-18T23:55:55.000Z",
|
||
|
"description": "Automatically added (via 010ca5e1de980f5f45f9d82027e1606c)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'aba8b9fa213e5e2f1f0404d13fecc20ea8651b57']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:55Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a0d-65e8-4776-9996-59a1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:57.000Z",
|
||
|
"modified": "2016-02-18T23:55:57.000Z",
|
||
|
"description": "Automatically added (via 0570066887f44bc6c82ebe033cad0451)",
|
||
|
"pattern": "[file:hashes.SHA1 = '7f11f5c9475240e5dd2eea7726c9229972cffc1f']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:57Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a0e-9474-494f-b3cb-59a3950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:58.000Z",
|
||
|
"modified": "2016-02-18T23:55:58.000Z",
|
||
|
"description": "Automatically added (via 0a4fdacde69a566f53833500a0d53a35)",
|
||
|
"pattern": "[file:hashes.SHA1 = '94d3f91d1e50ecea729617729013c3d143bf2c3e']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:58Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a10-bcb0-41ca-80e9-c652950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:00.000Z",
|
||
|
"modified": "2016-02-18T23:56:00.000Z",
|
||
|
"description": "Automatically added (via 1133fe501fa4691b7f52e53706c80df9)",
|
||
|
"pattern": "[file:hashes.SHA1 = '7e516ec04f28c76d67b8111ddfe58bbd628362cc']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a12-09f8-4612-86b4-59a1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:02.000Z",
|
||
|
"modified": "2016-02-18T23:56:02.000Z",
|
||
|
"description": "Automatically added (via 2a2b22aa94a59575ca1dea8dd489d2eb)",
|
||
|
"pattern": "[file:hashes.SHA1 = '6b27bc0b0460b0a25b45d897ed4f399106c284d9']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a13-6eb4-449a-ba2d-599d950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:03.000Z",
|
||
|
"modified": "2016-02-18T23:56:03.000Z",
|
||
|
"description": "Automatically added (via 2d75de9e1bb58fe61fd971bb720a49b7)",
|
||
|
"pattern": "[file:hashes.SHA1 = '6df5b4b3da0964153bad22fb1f69483ae8316655']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:03Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a15-7bec-4416-b04d-c651950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:05.000Z",
|
||
|
"modified": "2016-02-18T23:56:05.000Z",
|
||
|
"description": "Automatically added (via 40601cf29c1bbfe0942d1ac914d8ce27)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'b68bce61dfd8763c3003480ba4066b3cb1ef126e']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a17-3120-4a85-94d7-59a4950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:07.000Z",
|
||
|
"modified": "2016-02-18T23:56:07.000Z",
|
||
|
"description": "Automatically added (via 44992068aab25daa1decae93b25060af)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'f15272042a4f9324ad5de884bd50f4072f4bdde3']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:07Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a19-fbd0-4051-9625-4156950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:09.000Z",
|
||
|
"modified": "2016-02-18T23:56:09.000Z",
|
||
|
"description": "Automatically added (via 49ee6365618b2a5819d36a48131e280c)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'cc124682246d098740cfa7d20aede850d49b6597']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:09Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a1a-5c0c-4d7d-99d4-599e950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:10.000Z",
|
||
|
"modified": "2016-02-18T23:56:10.000Z",
|
||
|
"description": "Automatically added (via 4b8531d294c020d5f856b58a5a23b238)",
|
||
|
"pattern": "[file:hashes.SHA1 = '1ef415bca310575944934fc97b0aa720943ba512']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:10Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a1c-5b30-4cb2-9a98-5f51950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:12.000Z",
|
||
|
"modified": "2016-02-18T23:56:12.000Z",
|
||
|
"description": "Automatically added (via 4ee00c46da143ba70f7e6270960823be)",
|
||
|
"pattern": "[file:hashes.SHA1 = '0559ab9356dcc869da18b2c96f48b76478c472b3']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:12Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a1e-f84c-41db-8383-5ca1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:14.000Z",
|
||
|
"modified": "2016-02-18T23:56:14.000Z",
|
||
|
"description": "Automatically added (via 5ddbd80720997f7a8ff53396e8e8b920)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'b6f1fb0f8a2fb92a3c60e154f24cfbca1984529f']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:14Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a21-20f8-4bd2-9013-59a2950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:17.000Z",
|
||
|
"modified": "2016-02-18T23:56:17.000Z",
|
||
|
"description": "Automatically added (via 65b984b198359003a5a3b8aaf91af234)",
|
||
|
"pattern": "[file:hashes.SHA1 = '9967a99a1b627ddb6899919e32a0f544ea498b48']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:17Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a22-bf08-42fe-8e05-c652950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:18.000Z",
|
||
|
"modified": "2016-02-18T23:56:18.000Z",
|
||
|
"description": "Automatically added (via 6791254f160e98ac1f46b4d506b695ad)",
|
||
|
"pattern": "[file:hashes.SHA1 = '95a3c812ca0ad104f045b26c483495129bcf37ca']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:18Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a24-ad7c-43ec-9b52-4162950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:20.000Z",
|
||
|
"modified": "2016-02-18T23:56:20.000Z",
|
||
|
"description": "Automatically added (via 7b111e1054b6b929de071c4f48386415)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'bde9a72b2113d18b4fa537cc080d8d8ba1a231e8']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:20Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a26-e8b8-4556-9a98-599e950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:22.000Z",
|
||
|
"modified": "2016-02-18T23:56:22.000Z",
|
||
|
"description": "Automatically added (via 8022a4136a6200580962da94f3cdb905)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'ce1f53e06feab1e92f07ed544c288bf39c6fce19']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a28-6abc-4ff4-9bbd-59a4950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:24.000Z",
|
||
|
"modified": "2016-02-18T23:56:24.000Z",
|
||
|
"description": "Automatically added (via 8214b0e18fbcd5db6b008884e7685f2c)",
|
||
|
"pattern": "[file:hashes.SHA1 = '72dae031d885dbf492c0232dd1c792ab4785a2dc']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:24Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a29-f3b4-4179-b14d-59a1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:25.000Z",
|
||
|
"modified": "2016-02-18T23:56:25.000Z",
|
||
|
"description": "Automatically added (via 8da9373fc5b8320fb04d6202ca1eb6f1)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'a2ccba46e40d0fb0dd3e1dba160ecbb5440862ec']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:25Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a2b-88f4-4e73-98a8-c650950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:27.000Z",
|
||
|
"modified": "2016-02-18T23:56:27.000Z",
|
||
|
"description": "Automatically added (via 9c31551cd8087072d08c9004c0ce76c5)",
|
||
|
"pattern": "[file:hashes.SHA1 = '1d93d5f5463cdf85e3c22c56ed1381957f4efaac']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:27Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a2d-4d24-4e79-aa52-599c950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:29.000Z",
|
||
|
"modified": "2016-02-18T23:56:29.000Z",
|
||
|
"description": "Automatically added (via c90f798ccfbedb4bbe6c4568e0f05b68)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'e72e67ba32946c2702b7662c510cc1242cffe802']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:29Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a30-9d28-46b8-82e8-59a4950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:32.000Z",
|
||
|
"modified": "2016-02-18T23:56:32.000Z",
|
||
|
"description": "Automatically added (via 310a4a62ba3765cbf8e8bbb9f324c503)",
|
||
|
"pattern": "[file:hashes.SHA1 = '57169cb4b8ef7a0d7ebd7aa039d1a1efd6eb639e']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:32Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a32-bd1c-4c51-912f-599f950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:34.000Z",
|
||
|
"modified": "2016-02-18T23:56:34.000Z",
|
||
|
"description": "Automatically added (via 8c713117af4ca6bbd69292a78069e75b)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'eb518cda3c4f4e6938aaaee07f1f7db8ee91c901']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:34Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a34-93ec-4c26-9df3-4077950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:36.000Z",
|
||
|
"modified": "2016-02-18T23:56:36.000Z",
|
||
|
"description": "Automatically added (via ebf42e8b532e2f3b19046b028b5dfb23)",
|
||
|
"pattern": "[file:hashes.SHA1 = '1a2dd2a0555dc746333e7c956c58f7c4cdbabd4b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:36Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a36-2978-4033-beb0-59a0950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:38.000Z",
|
||
|
"modified": "2016-02-18T23:56:38.000Z",
|
||
|
"description": "Automatically added (via 37aee58655f5859e60ece6b249107b87)",
|
||
|
"pattern": "[file:hashes.SHA1 = '3ac73ec065ab218a3224e5ade0cf3451dbcb3aab']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:38Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a38-fdcc-4791-9a0d-c654950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:40.000Z",
|
||
|
"modified": "2016-02-18T23:56:40.000Z",
|
||
|
"description": "Automatically added (via 4154548e1f8e9e7eb39d48a4cd75bcd1)",
|
||
|
"pattern": "[file:hashes.SHA1 = '83e8315e007fbcf584367152136af3f721107756']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:40Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a39-98ec-45e3-a0d3-5ca1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:41.000Z",
|
||
|
"modified": "2016-02-18T23:56:41.000Z",
|
||
|
"description": "Automatically added (via 71f25831681c19ea17b2f2a84a41bbfb)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'eca53a9f6251ddf438508b28d8a483f91b99a3fd']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a3b-9ad4-4566-bc16-4022950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:43.000Z",
|
||
|
"modified": "2016-02-18T23:56:43.000Z",
|
||
|
"description": "Automatically added (via 8ff473bedbcc77df2c49a91167b1abeb)",
|
||
|
"pattern": "[file:hashes.SHA1 = '71fd952d58cc1948d2a3f67f10d446979f2faf14']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:43Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a3d-b5b0-4701-bb3e-599e950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:45.000Z",
|
||
|
"modified": "2016-02-18T23:56:45.000Z",
|
||
|
"description": "Automatically added (via a813eba27b2166620bd75029cc1f04b0)",
|
||
|
"pattern": "[file:hashes.SHA1 = '342036ace2e9e6d504b0dec6399e4fa92de46c12']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:45Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a3e-c468-42a0-bd84-59a4950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:46.000Z",
|
||
|
"modified": "2016-02-18T23:56:46.000Z",
|
||
|
"description": "Automatically added (via b4ae0004094b37a40978ef06f311a75e)",
|
||
|
"pattern": "[file:hashes.SHA1 = '5cdf397dfd9eb66ff5ff636777f6982c1254a37a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:46Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a40-10fc-4f6c-a952-59a1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:48.000Z",
|
||
|
"modified": "2016-02-18T23:56:48.000Z",
|
||
|
"description": "Automatically added (via c4dec6d69d8035d481e4f2c86f580e81)",
|
||
|
"pattern": "[file:hashes.SHA1 = '0359ffbef6a752ee1a54447b26e272f4a5a35167']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a42-48e0-49b3-bbcc-c654950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:50.000Z",
|
||
|
"modified": "2016-02-18T23:56:50.000Z",
|
||
|
"description": "Automatically added (via 021e134c48cd9ce9eaf6a1c105197e5d)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'bb390f99bfde234bbed59f6a0d962ba874b2396c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:50Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a44-7408-45ad-979f-c652950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:52.000Z",
|
||
|
"modified": "2016-02-18T23:56:52.000Z",
|
||
|
"description": "Automatically added (via e6289e7f9f26be692cbe6f335a706014)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'ac96d7f5957aef09bd983465c497de24c6d17a92']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:52Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a47-f674-47d9-8143-c653950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:55.000Z",
|
||
|
"modified": "2016-02-18T23:56:55.000Z",
|
||
|
"description": "Automatically added (via f18be055fae2490221c926e2ad55ab11)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'f3be6514b68f4efb51c215415b4f0c4701fb45fa']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:55Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a49-27ac-4d83-813a-5f51950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:57.000Z",
|
||
|
"modified": "2016-02-18T23:56:57.000Z",
|
||
|
"description": "Automatically added (via 11876eaadeac34527c28f4ddfadd1e8d)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'cb4263cab467845dae9fae427e3bbeb31c6a14c2']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:57Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a4a-d784-4603-85a3-c653950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:58.000Z",
|
||
|
"modified": "2016-02-18T23:56:58.000Z",
|
||
|
"description": "Automatically added (via 28f2396a1e306d05519b97a3a46ee925)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'b69b95db8a55a050d6d6c0cba13d73975b8219ca']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:58Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a4c-6ec8-4e75-924d-c652950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:57:00.000Z",
|
||
|
"modified": "2016-02-18T23:57:00.000Z",
|
||
|
"description": "Automatically added (via 80e39b656f9a77503fa3e6b7dd123ee3)",
|
||
|
"pattern": "[file:hashes.SHA1 = '5c29e21bbe8873778f9363258f5e570dddcadeb9']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:57:00Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a4e-fbe8-474e-84a5-599d950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:57:02.000Z",
|
||
|
"modified": "2016-02-18T23:57:02.000Z",
|
||
|
"description": "Automatically added (via e9e514f8b1561011b4f034263c33a890)",
|
||
|
"pattern": "[file:hashes.SHA1 = '843997b36ed80d3aeea3c822cb5dc446b6bfa7b9']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:57:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a50-a8b4-48ac-b36b-4917950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:57:04.000Z",
|
||
|
"modified": "2016-02-18T23:57:04.000Z",
|
||
|
"description": "Automatically added (via 5d4f2871fd1818527ebd65b0ff930a77)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'cfa438449715b61bffa20130df8af778ef011e15']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:57:04Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a51-1820-438d-af1f-4345950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:57:05.000Z",
|
||
|
"modified": "2016-02-18T23:57:05.000Z",
|
||
|
"description": "Automatically added (via 74b87086887e0c67ffb035069b195ac7)",
|
||
|
"pattern": "[file:hashes.SHA1 = '868d1f4c106a08bd2e5af4f23139f0e0cd798fba']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:57:05Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a54-fad8-475a-9686-59a4950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:57:08.000Z",
|
||
|
"modified": "2016-02-18T23:57:08.000Z",
|
||
|
"description": "Automatically added (via af670600dee2bf13a68eb962cce8f122)",
|
||
|
"pattern": "[file:hashes.SHA1 = 'd3a0df4cf5507f03791c93bceef52b02a44c1f32']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:57:08Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a57-967c-466b-ac2b-5ca1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:57:11.000Z",
|
||
|
"modified": "2016-02-18T23:57:11.000Z",
|
||
|
"description": "Automatically added (via 597805832d45d522c4882f21db800ecf)",
|
||
|
"pattern": "[file:hashes.SHA1 = '54af4608bb9d928d48f0f82b5ae461de916adb66']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:57:11Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a59-547c-4687-932c-59a1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:57:13.000Z",
|
||
|
"modified": "2016-02-18T23:57:13.000Z",
|
||
|
"description": "Automatically added (via 6ba315275561d99b1eb8fc614ff0b2b3)",
|
||
|
"pattern": "[file:hashes.SHA1 = '75367d8b506031df5923c2d8d7f1b9f643a123cd']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:57:13Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a5a-8dd8-43f4-ab52-c653950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:57:14.000Z",
|
||
|
"modified": "2016-02-18T23:57:14.000Z",
|
||
|
"description": "Automatically added (via bf8616bbed6d804a3dea09b230c2ab0c)",
|
||
|
"pattern": "[file:hashes.SHA1 = '3b684fa40b4f096e99fbf535962c7da5cf0b4528']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:57:14Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha1\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659a9-7a18-4d5a-a954-599c950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:17.000Z",
|
||
|
"modified": "2016-02-18T23:54:17.000Z",
|
||
|
"description": "Automatically added (via 002e27938c9390a942cf4b4c319f1768)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'cd2d206d320a343bcc26714130c6c1160102afc41edd256f9fc944b7a3de9c36']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:17Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659ab-8d44-46a6-ba09-491c950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:19.000Z",
|
||
|
"modified": "2016-02-18T23:54:19.000Z",
|
||
|
"description": "Automatically added (via 062fe1336459a851bd0ea271bb2afe35)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'c806be534ad3fd83ec5a7c8d3a378c1f033856db152bea93b5778286d4db1e49']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:19Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659ac-eebc-4361-b07f-599f950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:20.000Z",
|
||
|
"modified": "2016-02-18T23:54:20.000Z",
|
||
|
"description": "Automatically added (via 09010917cd00dc8ddd21aeb066877aa2)",
|
||
|
"pattern": "[file:hashes.SHA256 = '823a77a64e1e5bb9078ec1af5b446f54a6d21c6308f02eb07d0d8dbf26a7940c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:20Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659ae-5eb0-4cab-947f-599d950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:22.000Z",
|
||
|
"modified": "2016-02-18T23:54:22.000Z",
|
||
|
"description": "Automatically added (via 0fcb4ffe2eb391421ec876286c9ddb6c)",
|
||
|
"pattern": "[file:hashes.SHA256 = '727ba0af318b26c3c650563b2db984f7a7f8f6616b9d8dfaa3805766aab9a915']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:22Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659b0-2008-4ea0-869b-c650950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:24.000Z",
|
||
|
"modified": "2016-02-18T23:54:24.000Z",
|
||
|
"description": "Automatically added (via 12e1dcd71693b6f875a98aefbd4ec91a)",
|
||
|
"pattern": "[file:hashes.SHA256 = '3ada3cd02c9b7c3872b6c132b5916702d874270798c766db6eb347c7561deb1c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:24Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659b2-2308-4157-ab12-59a3950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:26.000Z",
|
||
|
"modified": "2016-02-18T23:54:26.000Z",
|
||
|
"description": "Automatically added (via 1f64afa4069036513604cbf651e53e0d)",
|
||
|
"pattern": "[file:hashes.SHA256 = '9b5b06159946f080dd4a7dc4ab01f6d275b19dc2a2b540d5567fbefa2fddc709']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:26Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659b4-eec4-4dac-8f03-5ca1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:28.000Z",
|
||
|
"modified": "2016-02-18T23:54:28.000Z",
|
||
|
"description": "Automatically added (via 29395c528693b69233c1c12bef8a64b3)",
|
||
|
"pattern": "[file:hashes.SHA256 = '4a3f19b7aefbd8c83d865c2d1e962cddc863ac6520eddb58417a14191231ea2e']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:28Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659b5-7c2c-4ad7-917c-4c9c950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:29.000Z",
|
||
|
"modified": "2016-02-18T23:54:29.000Z",
|
||
|
"description": "Automatically added (via 37e568bed4ae057e548439dc811b4d3a)",
|
||
|
"pattern": "[file:hashes.SHA256 = '31a1336f9998313bc33db0bb58ba1c8de5d6d806471f8a3252c858ab073cdd07']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:29Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659b7-8b14-488f-a8d5-5f51950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:31.000Z",
|
||
|
"modified": "2016-02-18T23:54:31.000Z",
|
||
|
"description": "Automatically added (via 40f47850c5ebf768fd1303a32310c73e)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'b798d77517558d1a66d7480aa9e5d7878f9838bde54c2c8dd7976f9233878a17']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:31Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659b9-71cc-4a6e-9c0b-c651950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:33.000Z",
|
||
|
"modified": "2016-02-18T23:54:33.000Z",
|
||
|
"description": "Automatically added (via 414854a9b40f7757ed7bfc6a1b01250f)",
|
||
|
"pattern": "[file:hashes.SHA256 = '03d18579e9b4412d4f6cd37aed7d4b62a3ad95defd0968e3711807a5b055e41a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:33Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659ba-6fd8-4d42-af75-4860950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:34.000Z",
|
||
|
"modified": "2016-02-18T23:54:34.000Z",
|
||
|
"description": "Automatically added (via 428fc53c84e921ac518e54a5d055f54a)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'cde12cbc192669adfb9f4ecd35cb2152b3435276f42fde240671528bbae97ebb']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:34Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659bc-6280-4029-9aeb-4823950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:36.000Z",
|
||
|
"modified": "2016-02-18T23:54:36.000Z",
|
||
|
"description": "Automatically added (via 4c10a1efed25b828e4785d9526507fbc)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'e3de8f876b8b8be249f7ab3d5d097dd66d8206f5735f4cdf72187bc5c7c61811']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:36Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659bd-e3e0-4ae9-8cda-c651950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:37.000Z",
|
||
|
"modified": "2016-02-18T23:54:37.000Z",
|
||
|
"description": "Automatically added (via 4c6b21e98ca03e0ef0910e07cef45dac)",
|
||
|
"pattern": "[file:hashes.SHA256 = '4d977b50ad088fe37978095dce174c3d09abe011c80e38ee026fe5e640e2814d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:37Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659bf-48f4-4323-98be-c650950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:39.000Z",
|
||
|
"modified": "2016-02-18T23:54:39.000Z",
|
||
|
"description": "Automatically added (via 4e5c116d874bbaaf7d6dadec7be926f5)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'f2e91cf89d9bcc51f0344b327081466c6fad5c22c4ca1f556b752a8c0c3c1fb9']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:39Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659c1-0514-4706-be20-c654950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:41.000Z",
|
||
|
"modified": "2016-02-18T23:54:41.000Z",
|
||
|
"description": "Automatically added (via 550459b31d8dabaad1923565b7e50242)",
|
||
|
"pattern": "[file:hashes.SHA256 = '391adffdda738ce1d1179e715655b0baafa2505e7757185688b2e3092b8b6b2c']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659c2-f67c-458f-8b64-59a2950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:42.000Z",
|
||
|
"modified": "2016-02-18T23:54:42.000Z",
|
||
|
"description": "Automatically added (via 59e055cee87d8faf6f701293e5830b5a)",
|
||
|
"pattern": "[file:hashes.SHA256 = '782017f719ba1af241da35abedfdd4e5da0defa925d2452ea947c55912092d0e']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:42Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659c4-335c-4deb-a049-59a4950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:44.000Z",
|
||
|
"modified": "2016-02-18T23:54:44.000Z",
|
||
|
"description": "Automatically added (via 5ae51243647b7d03a5cb20dccbc0d561)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'f3fa5cfcc66c8e9cfd2df4c193881f27063578d4771bb59ead54623b4918c331']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:44Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659c6-2670-47ea-bc4e-c654950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:46.000Z",
|
||
|
"modified": "2016-02-18T23:54:46.000Z",
|
||
|
"description": "Automatically added (via 5b590798da581c894d8a87964763aa8b)",
|
||
|
"pattern": "[file:hashes.SHA256 = '13f087899a087642aa5870f67afe6712b3764d1c01d20009db6fd63672c980b8']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:46Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659c7-2df4-414d-98bd-4643950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:47.000Z",
|
||
|
"modified": "2016-02-18T23:54:47.000Z",
|
||
|
"description": "Automatically added (via 62e5d5e244059dc02654f497401615cc)",
|
||
|
"pattern": "[file:hashes.SHA256 = '10d4cde5705c0dce5c521cbeb32da3ee22b5781de875112eba6204cfc5394d99']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:47Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659c9-030c-431d-a10c-59a1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:49.000Z",
|
||
|
"modified": "2016-02-18T23:54:49.000Z",
|
||
|
"description": "Automatically added (via 65232a8d555d7c4f7bc0d7c5da08c593)",
|
||
|
"pattern": "[file:hashes.SHA256 = '3b1defbeb51c1dc737ec14da04938c23a2a580412537ff826a5df75f262d3211']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:49Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659cb-6f74-4835-be42-c652950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:51.000Z",
|
||
|
"modified": "2016-02-18T23:54:51.000Z",
|
||
|
"description": "Automatically added (via 853a20f5fc6d16202828df132c41a061)",
|
||
|
"pattern": "[file:hashes.SHA256 = '9226407939dc4f0c4d4d2b6f9811a9e8ee8c2b073b9f95f11590dec440253f2a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:51Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659cc-118c-48e6-9d97-599f950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:52.000Z",
|
||
|
"modified": "2016-02-18T23:54:52.000Z",
|
||
|
"description": "Automatically added (via 95bfe940816a89f168cacbc340eb4a5f)",
|
||
|
"pattern": "[file:hashes.SHA256 = '682c38d334777e149034443ffca0a393e12f5325e67fe88e2c5f33e80ebd3a38']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:52Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659ce-c030-4468-964b-59a1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:54.000Z",
|
||
|
"modified": "2016-02-18T23:54:54.000Z",
|
||
|
"description": "Automatically added (via 9c0cad1560cd0ffe2aa570621ef7d0a0)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'b4e93bb2693f2ea647c42c7e4bd63ef0ab61d6c53affa6799a52b06d8c99f719']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:54Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659d0-e138-4ca9-b418-c651950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:56.000Z",
|
||
|
"modified": "2016-02-18T23:54:56.000Z",
|
||
|
"description": "Automatically added (via a5ca2c5b4d8c0c1bc93570ed13dcab1a)",
|
||
|
"pattern": "[file:hashes.SHA256 = '1c5e3ba213706b8369ca64993ac46740f5004c8572de2462608ecb0977c51614']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:56Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659d2-8b38-44aa-a26d-5ca1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:58.000Z",
|
||
|
"modified": "2016-02-18T23:54:58.000Z",
|
||
|
"description": "Automatically added (via a9e8e402a7ee459e4896d0ba83543684)",
|
||
|
"pattern": "[file:hashes.SHA256 = '1ec64a08c5c9afedb773d18a7eb125956d6de4cfa9e57a2f40fe29b036070a2f']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:58Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659d3-1a14-47b8-bbfa-c652950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:54:59.000Z",
|
||
|
"modified": "2016-02-18T23:54:59.000Z",
|
||
|
"description": "Automatically added (via acb2ba25ef225d820ac8a5923b746cb8)",
|
||
|
"pattern": "[file:hashes.SHA256 = '774514b6843f859622a4db0322f5c8691b63342e59af6bf4c7ea4865be3a7de3']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:54:59Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659d5-bd98-4324-a950-5ca1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:01.000Z",
|
||
|
"modified": "2016-02-18T23:55:01.000Z",
|
||
|
"description": "Automatically added (via b2138a57f723326eda5a26d2dec56851)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'e631e6220a9f438080f34b006ceab42b3011a97cf93116f1da644b75cb197afc']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659d7-f638-4872-9b15-59a4950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:03.000Z",
|
||
|
"modified": "2016-02-18T23:55:03.000Z",
|
||
|
"description": "Automatically added (via b590c15499448639c2748ff9e0d214b2)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'd2c5e3ce8fcdbf70e06b63437c24788e6fca61742c8cce76374f5bcda95a0585']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:03Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659d8-27d8-4aec-91c7-599f950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:04.000Z",
|
||
|
"modified": "2016-02-18T23:55:04.000Z",
|
||
|
"description": "Automatically added (via b7b282c9e3eca888cbdb5a856e07e8bd)",
|
||
|
"pattern": "[file:hashes.SHA256 = '69cb0c720dda9b638a491ad056491c44d31427e88c7bfc7ee20cce60d810f346']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:04Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659da-bfc8-4c9a-a197-599d950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:06.000Z",
|
||
|
"modified": "2016-02-18T23:55:06.000Z",
|
||
|
"description": "Automatically added (via ba80e3ad617e6998f3c4b003397db840)",
|
||
|
"pattern": "[file:hashes.SHA256 = '3c81f658aea68df6aeac3a388d0a57b72874631f5f916824d45569dfb7382703']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:06Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659dc-7d28-4897-a897-5ca1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:08.000Z",
|
||
|
"modified": "2016-02-18T23:55:08.000Z",
|
||
|
"description": "Automatically added (via c95cd106c1fecbd500f4b97566d8dc96)",
|
||
|
"pattern": "[file:hashes.SHA256 = '6af7ed8981f9e88e1b6cb774bcfe966fc6aea9e7012e46aabd4c2e8cd6553691']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:08Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659dd-f0e8-4e62-a1c2-59a2950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:09.000Z",
|
||
|
"modified": "2016-02-18T23:55:09.000Z",
|
||
|
"description": "Automatically added (via d38e02eac7e3b299b46ff2607dd0f288)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'fa573ebb8dcd4a224ddf857ab9d71e5da9646254724130045cc6f8de4b14a08b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:09Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659df-7670-4f93-8fb3-599c950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:11.000Z",
|
||
|
"modified": "2016-02-18T23:55:11.000Z",
|
||
|
"description": "Automatically added (via d8e68db503f4155ed1aeba95d1f5e3e4)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'ba2e8bee0e14c1689cc2df494b92924c547fff8f95f0d36e8925db9c2c0db8e4']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:11Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659e1-735c-4036-a871-599e950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:13.000Z",
|
||
|
"modified": "2016-02-18T23:55:13.000Z",
|
||
|
"description": "Automatically added (via d93026b1c6c828d0905a0868e4cbc55f)",
|
||
|
"pattern": "[file:hashes.SHA256 = '5bc92c5fc35388b6ea7c07390031fee034ed3af30095101a696845efd1de8cab']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:13Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659e3-8444-4d24-aa23-59a2950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:15.000Z",
|
||
|
"modified": "2016-02-18T23:55:15.000Z",
|
||
|
"description": "Automatically added (via db3e5c2f2ce07c2d3fa38d6fc1ceb854)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'e84ba9087fb3f2f7f484f20e9cc0d97d3747047e47aeea510732f319f5c9d514']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:15Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659e4-46d4-48d0-bd17-c650950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:16.000Z",
|
||
|
"modified": "2016-02-18T23:55:16.000Z",
|
||
|
"description": "Automatically added (via df1799845b51300b03072c6569ab96d5)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'f20c16765660336755cbfaccafc47dbdebfdaa11c6fca159df6ceef7914480de']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:16Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659e6-b3b4-493c-b456-5ca1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:18.000Z",
|
||
|
"modified": "2016-02-18T23:55:18.000Z",
|
||
|
"description": "Automatically added (via e26a2afaaddfb09d9ede505c6f1cc4e3)",
|
||
|
"pattern": "[file:hashes.SHA256 = '1bed58cd45944559056b601700ed80275dbe9de23c1b1e36b4d756b2a8ef3499']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:18Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659e8-b510-4ce6-b37e-4c16950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:20.000Z",
|
||
|
"modified": "2016-02-18T23:55:20.000Z",
|
||
|
"description": "Automatically added (via e3ae3cbc024e39121c87d73e87bb2210)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'bb6d8ef6a44bfece920aab9139ddee1b9e66a79fcf307c6213fdf70221719cff']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:20Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659eb-e9d0-4f5f-8627-59a2950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:23.000Z",
|
||
|
"modified": "2016-02-18T23:55:23.000Z",
|
||
|
"description": "Automatically added (via e62a63307deead5c9fcca6b9a2d51fb0)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'd41bd6f092a77314eb885c91f5588003d8354630aebf51e6229ac3e14c9fe5e4']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:23Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659ec-03a4-433a-bda0-c651950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:24.000Z",
|
||
|
"modified": "2016-02-18T23:55:24.000Z",
|
||
|
"description": "Automatically added (via ec3905d8e100644ae96ad9b51d701a7f)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'dc6c608733c5ec00633c9ddc9e79700719b47eca72c19d6dfd0b0b590830faf6']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:24Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659ee-049c-4414-9cd3-c650950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:26.000Z",
|
||
|
"modified": "2016-02-18T23:55:26.000Z",
|
||
|
"description": "Automatically added (via ed151602dea80f39173c2f7b1dd58e06)",
|
||
|
"pattern": "[file:hashes.SHA256 = '2812b987b7d5de66dc01c8dd9d3ec213642696ed710dfa198e42a7886d91b6d4']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:26Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659f0-a690-40ff-8b53-c654950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:28.000Z",
|
||
|
"modified": "2016-02-18T23:55:28.000Z",
|
||
|
"description": "Automatically added (via 07bb30a2a42423e54f70af61e20edca3)",
|
||
|
"pattern": "[file:hashes.SHA256 = '70ff05fdeb51559c17696eb1c8577dd0aed7eaafb6922c711aa0b6721db246d9']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:28Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659f1-9d3c-4933-ae7e-40b1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:29.000Z",
|
||
|
"modified": "2016-02-18T23:55:29.000Z",
|
||
|
"description": "Automatically added (via 08f299c2d8cfe1ae64d71dfb15fe6e8d)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'ffc168ec8e14618ce06ae38d8ea39dde690e2cdded0f451bc7846e18bd72c665']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:29Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659f3-9570-48c7-b376-599f950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:31.000Z",
|
||
|
"modified": "2016-02-18T23:55:31.000Z",
|
||
|
"description": "Automatically added (via 139158fe63a0e46639cc20b754a7c38c)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'e153e214ec22754fd6bbd4d4b62b87651216badda2d5c1124387aede2e1d66bb']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:31Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659f5-0d50-4f71-a08f-c650950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:33.000Z",
|
||
|
"modified": "2016-02-18T23:55:33.000Z",
|
||
|
"description": "Automatically added (via 4a41c422e9eb29f5d722700b060bca11)",
|
||
|
"pattern": "[file:hashes.SHA256 = '41009a7ee00d2c640e9f8681f65352b85eebc43f5536ea078ac91372a60f5ee7']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:33Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659f7-1bec-4860-abac-599f950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:35.000Z",
|
||
|
"modified": "2016-02-18T23:55:35.000Z",
|
||
|
"description": "Automatically added (via 646e2cfa6aa457013769e2b89454acf7)",
|
||
|
"pattern": "[file:hashes.SHA256 = '6ac981d137569bf3ea8d8d929a2e8c63acfbc7bc87de8521b50e2874990d5f2d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:35Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659f8-e010-4b50-ad22-c652950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:36.000Z",
|
||
|
"modified": "2016-02-18T23:55:36.000Z",
|
||
|
"description": "Automatically added (via 948a53450e1d7dc7535ea52ca7d5bddd)",
|
||
|
"pattern": "[file:hashes.SHA256 = '095cee8f9f9f533b315843039a901d3613a31e6a0ae3322f52ca8711f8e3507b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:36Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659fa-6024-4a8b-96dc-599f950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:38.000Z",
|
||
|
"modified": "2016-02-18T23:55:38.000Z",
|
||
|
"description": "Automatically added (via ad044dc0e2e1eaa19cf031dbcff9d770)",
|
||
|
"pattern": "[file:hashes.SHA256 = '2db1ec48d199b36e59726b60a4e1f95a3bb5402e4f8ddea6ccb5dff973d77bcc']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:38Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659fc-ceb4-41f6-9863-599c950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:40.000Z",
|
||
|
"modified": "2016-02-18T23:55:40.000Z",
|
||
|
"description": "Automatically added (via af1c1c5d8031c4942630b6a10270d8f4)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'c1e9dfa1f1b3037da9b72354edf25250c12084234bccfbb6d970b1c196cddda1']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:40Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659fd-b4f4-4f3d-a756-59a1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:41.000Z",
|
||
|
"modified": "2016-02-18T23:55:41.000Z",
|
||
|
"description": "Automatically added (via c6e388ee5269239070e5ad7336d0bf59)",
|
||
|
"pattern": "[file:hashes.SHA256 = '2efefb0778b265c7b7b87262eb615014d1dbb90a4a64255651c67b814feee057']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:41Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c659ff-5ecc-4f42-8a46-5ca1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:43.000Z",
|
||
|
"modified": "2016-02-18T23:55:43.000Z",
|
||
|
"description": "Automatically added (via c9484902c7f1756b26244d6d644c9dd5)",
|
||
|
"pattern": "[file:hashes.SHA256 = '263175e8161c374528de87a3f70b9312aed4d16835d75d421523a2ad5c392d33']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:43Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a01-df4c-43f0-bc96-599d950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:45.000Z",
|
||
|
"modified": "2016-02-18T23:55:45.000Z",
|
||
|
"description": "Automatically added (via cc06815e8d8c0083263651877decb44b)",
|
||
|
"pattern": "[file:hashes.SHA256 = '4fa0e0cfe9406f6644613f91afda3e48418f147e0145712a3ac334492edba5af']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:45Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a03-ab84-4fd2-9ec8-5f51950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:47.000Z",
|
||
|
"modified": "2016-02-18T23:55:47.000Z",
|
||
|
"description": "Automatically added (via dc95b0e8ecb22ad607fc912219a640c1)",
|
||
|
"pattern": "[file:hashes.SHA256 = '80e1e8c7b7e69a46a97ca4e6f591b15e09ae288b4e0bb5ee457b26c61062da92']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:47Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a04-5528-4ccb-bc7f-c654950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:48.000Z",
|
||
|
"modified": "2016-02-18T23:55:48.000Z",
|
||
|
"description": "Automatically added (via f97ec83d68362e4dff4756ed1101fea8)",
|
||
|
"pattern": "[file:hashes.SHA256 = '7477ccdc1980440879b46ecf2be5112b5ebb04a0baa740cdaa63db5ce822143d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:48Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a06-8aa4-48bf-8b48-c651950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:50.000Z",
|
||
|
"modified": "2016-02-18T23:55:50.000Z",
|
||
|
"description": "Automatically added (via 572c9cd4388699347c0b2edb7c6f5e25)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'c3fd244badd96c81c40e63d7001ffc4a97336a930a882bdd555e8c4b1439411b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:50Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a08-ebc0-4822-b33c-48b3950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:52.000Z",
|
||
|
"modified": "2016-02-18T23:55:52.000Z",
|
||
|
"description": "Automatically added (via 6e689351d94389ac6fdc341b859c7f6f)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'b3098b9b3e16856481d195c80f6a6b4bd1841d31b0f3587e3516f847de345682']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:52Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a0a-81b8-4313-80d9-599e950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:54.000Z",
|
||
|
"modified": "2016-02-18T23:55:54.000Z",
|
||
|
"description": "Automatically added (via b5546842e08950bc17a438d785b5a019)",
|
||
|
"pattern": "[file:hashes.SHA256 = '3d42796c0611fbceb5ded8a315bea23690d684137161baa733aea4d19bc9902f']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:54Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a0c-f8b0-45bc-8518-5f51950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:56.000Z",
|
||
|
"modified": "2016-02-18T23:55:56.000Z",
|
||
|
"description": "Automatically added (via 010ca5e1de980f5f45f9d82027e1606c)",
|
||
|
"pattern": "[file:hashes.SHA256 = '0beb385415a07e576ed682751481be864af7aebb8281b3b0fb092efbbaf427f9']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:56Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a0e-6854-4bd5-b4b3-59a2950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:58.000Z",
|
||
|
"modified": "2016-02-18T23:55:58.000Z",
|
||
|
"description": "Automatically added (via 0570066887f44bc6c82ebe033cad0451)",
|
||
|
"pattern": "[file:hashes.SHA256 = '842d3b54c0d1a3cc1420a66ee2ea62851bfdfe2afbbe5b0832fbb6fbbe962ae8']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:58Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a0f-d848-45bd-a41d-42a8950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:55:59.000Z",
|
||
|
"modified": "2016-02-18T23:55:59.000Z",
|
||
|
"description": "Automatically added (via 0a4fdacde69a566f53833500a0d53a35)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'c64598688487febdbc958218d9f989953491ff3946a7d7a2805f5a32149db38b']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:55:59Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a11-1180-4548-813f-599f950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:01.000Z",
|
||
|
"modified": "2016-02-18T23:56:01.000Z",
|
||
|
"description": "Automatically added (via 1133fe501fa4691b7f52e53706c80df9)",
|
||
|
"pattern": "[file:hashes.SHA256 = '1daa04c34d2f252f199403f2f719f355b020921bd3280e2d7676e59f6e7b802e']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a12-c5a8-4866-b5b9-599c950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:02.000Z",
|
||
|
"modified": "2016-02-18T23:56:02.000Z",
|
||
|
"description": "Automatically added (via 2a2b22aa94a59575ca1dea8dd489d2eb)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'df2fe088b74dc4b05109e29c4fa598311a261cffbba5e37e4a7f0676bb6fc6eb']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:02Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a14-c208-41b0-94ae-4871950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:04.000Z",
|
||
|
"modified": "2016-02-18T23:56:04.000Z",
|
||
|
"description": "Automatically added (via 2d75de9e1bb58fe61fd971bb720a49b7)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'a1f3d348e433e89687fb4db003e2f9c15d808b28412729f72373d99d53a01a6d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:04Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a16-fbe4-4520-9cbc-5f51950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:06.000Z",
|
||
|
"modified": "2016-02-18T23:56:06.000Z",
|
||
|
"description": "Automatically added (via 40601cf29c1bbfe0942d1ac914d8ce27)",
|
||
|
"pattern": "[file:hashes.SHA256 = '00bd90d8deae6ed682e7967e528dcf43d84937fb67a829d72cb67adb908e48b9']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:06Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a18-a5e4-4a77-91e4-59a3950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:08.000Z",
|
||
|
"modified": "2016-02-18T23:56:08.000Z",
|
||
|
"description": "Automatically added (via 44992068aab25daa1decae93b25060af)",
|
||
|
"pattern": "[file:hashes.SHA256 = '1cc5d9c633fa2dd99503903a8d5a67b3cd9dc605ea01131f9a7f481545bd7aa5']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:08Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a19-b778-4103-a45f-c652950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:09.000Z",
|
||
|
"modified": "2016-02-18T23:56:09.000Z",
|
||
|
"description": "Automatically added (via 49ee6365618b2a5819d36a48131e280c)",
|
||
|
"pattern": "[file:hashes.SHA256 = '50267aeb0e7618fd4bd3a57f2c6d2ee5bbd3e7219f3291d9862c1b65b83ce481']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:09Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a1b-c994-4168-8537-59a4950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:11.000Z",
|
||
|
"modified": "2016-02-18T23:56:11.000Z",
|
||
|
"description": "Automatically added (via 4b8531d294c020d5f856b58a5a23b238)",
|
||
|
"pattern": "[file:hashes.SHA256 = '616fdc57d3bb0c61e31979a788bd5c3030b6be6c7c666ddd48508bd3c3e941b5']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:11Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a1d-a638-45af-a18e-599f950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:13.000Z",
|
||
|
"modified": "2016-02-18T23:56:13.000Z",
|
||
|
"description": "Automatically added (via 4ee00c46da143ba70f7e6270960823be)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'd00c63ac0935f97cb01b5bd4994d60fe7a326b9b075e9ac4e98c8f8e527af564']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:13Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a1f-0698-4aca-aa06-59a3950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:15.000Z",
|
||
|
"modified": "2016-02-18T23:56:15.000Z",
|
||
|
"description": "Automatically added (via 5ddbd80720997f7a8ff53396e8e8b920)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'e08b72e1a54d917d530802fc27b8c9948983600bb30893d5aadd6a22dd212418']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:15Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a22-75f8-41fb-be87-59a4950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:18.000Z",
|
||
|
"modified": "2016-02-18T23:56:18.000Z",
|
||
|
"description": "Automatically added (via 65b984b198359003a5a3b8aaf91af234)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'aad449dcfd2915cdae23b15062e34a78b21d929c584c18835c0f5dfaf9089a4a']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:18Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a23-8808-4d06-94dc-4f0a950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:19.000Z",
|
||
|
"modified": "2016-02-18T23:56:19.000Z",
|
||
|
"description": "Automatically added (via 6791254f160e98ac1f46b4d506b695ad)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'c333a38ca6e76da8db172d4b5b7e7b8d1fafea4a14bac8bd5c36c0c57f6e3f27']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:19Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a25-f738-4ef2-b36c-59a2950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:21.000Z",
|
||
|
"modified": "2016-02-18T23:56:21.000Z",
|
||
|
"description": "Automatically added (via 7b111e1054b6b929de071c4f48386415)",
|
||
|
"pattern": "[file:hashes.SHA256 = '4d155fd3a765cdda561161ae7d3202157af7fc44d4bbf14418b9d7ca6953e558']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:21Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a27-d2c0-4818-a1d4-5f51950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:23.000Z",
|
||
|
"modified": "2016-02-18T23:56:23.000Z",
|
||
|
"description": "Automatically added (via 8022a4136a6200580962da94f3cdb905)",
|
||
|
"pattern": "[file:hashes.SHA256 = '805cc7b05686815be09b5173c4c7037eb91f14f27792ebbb8bd90f427d1ca5b1']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:23Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a28-7548-48f7-bebc-4f47950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:24.000Z",
|
||
|
"modified": "2016-02-18T23:56:24.000Z",
|
||
|
"description": "Automatically added (via 8214b0e18fbcd5db6b008884e7685f2c)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'e889a265b732bb35ab22639db281430b9b8a5b1dd808950a3ae392b433acb4dd']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:24Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a2a-afbc-4e0e-82ba-c652950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:26.000Z",
|
||
|
"modified": "2016-02-18T23:56:26.000Z",
|
||
|
"description": "Automatically added (via 8da9373fc5b8320fb04d6202ca1eb6f1)",
|
||
|
"pattern": "[file:hashes.SHA256 = '4ac283b1f82e49d2eee206b03a0b0e081661fc844a7e449d59579367cb37da00']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:26Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a2c-31c4-4d2a-8044-5ca1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:28.000Z",
|
||
|
"modified": "2016-02-18T23:56:28.000Z",
|
||
|
"description": "Automatically added (via 9c31551cd8087072d08c9004c0ce76c5)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'b01780388d276f49b4b55e42aea3dedbda5b62fc7bce21f733d3efdd8ed2cb6d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:28Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a2e-0910-4397-8e28-45cd950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:30.000Z",
|
||
|
"modified": "2016-02-18T23:56:30.000Z",
|
||
|
"description": "Automatically added (via c90f798ccfbedb4bbe6c4568e0f05b68)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'deaf20dce2aa4ba813396195db2dd1ff436a1ae8d740684a0f128fb9730f13d2']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:30Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a31-5738-4867-8716-5f51950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:33.000Z",
|
||
|
"modified": "2016-02-18T23:56:33.000Z",
|
||
|
"description": "Automatically added (via 310a4a62ba3765cbf8e8bbb9f324c503)",
|
||
|
"pattern": "[file:hashes.SHA256 = '017f4349170bd50e0abe565cd96ce7c65cf9a8308f76a20a0a7f391f73390012']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:33Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a33-4568-4c92-9c8d-4a6a950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:35.000Z",
|
||
|
"modified": "2016-02-18T23:56:35.000Z",
|
||
|
"description": "Automatically added (via 8c713117af4ca6bbd69292a78069e75b)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'c50a48ef605b1f57f37afb883d643d69233cf506065d2bf806dae639cac8c264']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:35Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a35-ee00-418b-9678-5ca1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:37.000Z",
|
||
|
"modified": "2016-02-18T23:56:37.000Z",
|
||
|
"description": "Automatically added (via ebf42e8b532e2f3b19046b028b5dfb23)",
|
||
|
"pattern": "[file:hashes.SHA256 = '6d1461c75cfeb83759a5f4d99763c19cb17f8df3c743e3f9f755720391a6d148']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:37Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a37-9584-42be-88ec-c651950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:39.000Z",
|
||
|
"modified": "2016-02-18T23:56:39.000Z",
|
||
|
"description": "Automatically added (via 37aee58655f5859e60ece6b249107b87)",
|
||
|
"pattern": "[file:hashes.SHA256 = '3ff2fe9a2ac6bdfd41f5743d4aef3927bbe89410f5f32ae9c965c3f67affcf7f']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:39Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a38-548c-4fca-91db-599e950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:40.000Z",
|
||
|
"modified": "2016-02-18T23:56:40.000Z",
|
||
|
"description": "Automatically added (via 4154548e1f8e9e7eb39d48a4cd75bcd1)",
|
||
|
"pattern": "[file:hashes.SHA256 = '6dbfdfda3b525e2805a4e57c6b010bb6c5991cdf5b59fe4016016190aa06ef94']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:40Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a3a-1970-47b8-a98c-46f7950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:42.000Z",
|
||
|
"modified": "2016-02-18T23:56:42.000Z",
|
||
|
"description": "Automatically added (via 71f25831681c19ea17b2f2a84a41bbfb)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'ad410f7e25082e139b433814c370750ae74cf43727486cb2e0b35ad88b2c0910']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:42Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a3c-ad98-43d4-80db-c654950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:44.000Z",
|
||
|
"modified": "2016-02-18T23:56:44.000Z",
|
||
|
"description": "Automatically added (via 8ff473bedbcc77df2c49a91167b1abeb)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'b5c32e139d5e9e3599dd5289f21bb1c5ca75762cc59e94582911c4fd85230de0']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:44Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a3d-d4c8-4318-b100-599d950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:45.000Z",
|
||
|
"modified": "2016-02-18T23:56:45.000Z",
|
||
|
"description": "Automatically added (via a813eba27b2166620bd75029cc1f04b0)",
|
||
|
"pattern": "[file:hashes.SHA256 = '3f62c49c723f80a728f574d29c2104ea16bc63d6caf2331d19c56e7f8011c34e']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:45Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a3f-d49c-40c6-9c93-5ca1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:47.000Z",
|
||
|
"modified": "2016-02-18T23:56:47.000Z",
|
||
|
"description": "Automatically added (via b4ae0004094b37a40978ef06f311a75e)",
|
||
|
"pattern": "[file:hashes.SHA256 = '39a1d2f60602dd24a669bee6b10bdbcf4621a35ef339745e7ac384e46d6dc303']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:47Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a41-5870-4d99-82c6-59a3950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:49.000Z",
|
||
|
"modified": "2016-02-18T23:56:49.000Z",
|
||
|
"description": "Automatically added (via c4dec6d69d8035d481e4f2c86f580e81)",
|
||
|
"pattern": "[file:hashes.SHA256 = '98f028dfd1ef15f10c1184823ae7199e329aa3c811d511d183ee83e68af3c980']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:49Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a43-2118-43bc-94b7-c650950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:51.000Z",
|
||
|
"modified": "2016-02-18T23:56:51.000Z",
|
||
|
"description": "Automatically added (via 021e134c48cd9ce9eaf6a1c105197e5d)",
|
||
|
"pattern": "[file:hashes.SHA256 = '4539a7a77cc8efd531a6164e27afde755326e98061c6c23d7dd1c88147a0b8e1']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:51Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a44-aad4-49d1-9451-59a1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:52.000Z",
|
||
|
"modified": "2016-02-18T23:56:52.000Z",
|
||
|
"description": "Automatically added (via e6289e7f9f26be692cbe6f335a706014)",
|
||
|
"pattern": "[file:hashes.SHA256 = '013812e170d2ec2e02bbb6cd8c1b30ec4864e19c0b786f2e1390753e031c0501']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:52Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a47-0588-4697-ac28-c654950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:55.000Z",
|
||
|
"modified": "2016-02-18T23:56:55.000Z",
|
||
|
"description": "Automatically added (via f18be055fae2490221c926e2ad55ab11)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'b2f3323418d20b0b91419e58b6ca2b57423286a7046f6729cafbe39178f65124']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:55Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a49-0260-43be-8fb5-49d2950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:57.000Z",
|
||
|
"modified": "2016-02-18T23:56:57.000Z",
|
||
|
"description": "Automatically added (via 11876eaadeac34527c28f4ddfadd1e8d)",
|
||
|
"pattern": "[file:hashes.SHA256 = '10b94d3088a21b367c085e5f6493f022b47f279352e657719f7b8a5957964a1d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:57Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a4b-1d2c-41d1-ae2a-59a0950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:56:59.000Z",
|
||
|
"modified": "2016-02-18T23:56:59.000Z",
|
||
|
"description": "Automatically added (via 28f2396a1e306d05519b97a3a46ee925)",
|
||
|
"pattern": "[file:hashes.SHA256 = '5a07e6943e800d7951603b5a2dae22fd5b022fffa5f820ed1212820e2c357b0d']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:56:59Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a4d-f9e0-492e-8fad-599e950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:57:01.000Z",
|
||
|
"modified": "2016-02-18T23:57:01.000Z",
|
||
|
"description": "Automatically added (via 80e39b656f9a77503fa3e6b7dd123ee3)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'b76a6090fdf004fd6d6e94f3dc90a7c75fb136f2b4d2fbfe6f086166c8db5b08']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:57:01Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a4f-97a8-41ce-bb98-c650950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:57:03.000Z",
|
||
|
"modified": "2016-02-18T23:57:03.000Z",
|
||
|
"description": "Automatically added (via e9e514f8b1561011b4f034263c33a890)",
|
||
|
"pattern": "[file:hashes.SHA256 = '3f1a7d843f9cdd7d834aa67299bc14eee3410e7d68e1aadfc58d500d80083961']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:57:03Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a50-59f8-4c71-a11c-c651950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:57:04.000Z",
|
||
|
"modified": "2016-02-18T23:57:04.000Z",
|
||
|
"description": "Automatically added (via 5d4f2871fd1818527ebd65b0ff930a77)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'b628e1951c0843b048cf8f4884753ef622bcbf3c06499c25f9f96201d8ce8def']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:57:04Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a52-55dc-481a-9343-59a2950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:57:06.000Z",
|
||
|
"modified": "2016-02-18T23:57:06.000Z",
|
||
|
"description": "Automatically added (via 74b87086887e0c67ffb035069b195ac7)",
|
||
|
"pattern": "[file:hashes.SHA256 = '50a9104e02e2fc6a1c3bc9b4f4e8be10c52f2c1c6943734c6497dd7ed4ef6172']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:57:06Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a55-814c-4360-8cda-59a0950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:57:09.000Z",
|
||
|
"modified": "2016-02-18T23:57:09.000Z",
|
||
|
"description": "Automatically added (via af670600dee2bf13a68eb962cce8f122)",
|
||
|
"pattern": "[file:hashes.SHA256 = '90ed95f853a87a71be01f4de413543f2ffeb6ec39356c22f402543fc97f3a9a6']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:57:09Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a57-dac0-4aab-8886-4091950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:57:11.000Z",
|
||
|
"modified": "2016-02-18T23:57:11.000Z",
|
||
|
"description": "Automatically added (via 597805832d45d522c4882f21db800ecf)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'fc06d59bb851931847ed60f30842487f0831daa0e3050ec2ba71a6270c583e89']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:57:11Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a59-cad0-4c10-bac5-c652950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:57:13.000Z",
|
||
|
"modified": "2016-02-18T23:57:13.000Z",
|
||
|
"description": "Automatically added (via 6ba315275561d99b1eb8fc614ff0b2b3)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'a3d488b01d0fb4cf211b8a47e7e0203dbc9c5b8d11221d2d4fefac3c53e6b049']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:57:13Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "indicator",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "indicator--56c65a5b-a998-40f4-aef6-5ca1950d210f",
|
||
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
||
|
"created": "2016-02-18T23:57:15.000Z",
|
||
|
"modified": "2016-02-18T23:57:15.000Z",
|
||
|
"description": "Automatically added (via bf8616bbed6d804a3dea09b230c2ab0c)",
|
||
|
"pattern": "[file:hashes.SHA256 = 'd02d16ca1d1f4e05f98771fabe09dd1ac16ccf7031e2652d29723af35d3d9e82']",
|
||
|
"pattern_type": "stix",
|
||
|
"pattern_version": "2.1",
|
||
|
"valid_from": "2016-02-18T23:57:15Z",
|
||
|
"kill_chain_phases": [
|
||
|
{
|
||
|
"kill_chain_name": "misp-category",
|
||
|
"phase_name": "Payload installation"
|
||
|
}
|
||
|
],
|
||
|
"labels": [
|
||
|
"misp:type=\"sha256\"",
|
||
|
"misp:category=\"Payload installation\"",
|
||
|
"misp:to_ids=\"True\""
|
||
|
]
|
||
|
},
|
||
|
{
|
||
|
"type": "marking-definition",
|
||
|
"spec_version": "2.1",
|
||
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
||
|
"created": "2017-01-20T00:00:00.000Z",
|
||
|
"definition_type": "tlp",
|
||
|
"name": "TLP:WHITE",
|
||
|
"definition": {
|
||
|
"tlp": "white"
|
||
|
}
|
||
|
}
|
||
|
]
|
||
|
}
|