adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/55c279fc-e814-4915-96dd-4f19950d210b.json

5999 lines
244 KiB
JSON
Raw Normal View History

chg: [misp-stix] STIX 2.1 export added
2023-04-21 14:44:17 +00:00
{
"type": "bundle",
"id": "bundle--55c279fc-e814-4915-96dd-4f19950d210b",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:32:15.000Z",
"modified": "2016-04-15T19:32:15.000Z",
"name": "CthulhuSPRL.be",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--55c279fc-e814-4915-96dd-4f19950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:32:15.000Z",
"modified": "2016-04-15T19:32:15.000Z",
"name": "OSINT Revealing the Cyber-Kraken (Threat Group 3390 / Emissary Panda) by SecureWorks",
"published": "2016-04-15T19:32:53Z",
"object_refs": [
"observed-data--55c27a1d-ed04-4102-b03e-432a950d210b",
"url--55c27a1d-ed04-4102-b03e-432a950d210b",
"observed-data--55c27a1d-b958-43a6-9363-4f1d950d210b",
"url--55c27a1d-b958-43a6-9363-4f1d950d210b",
"x-misp-attribute--55c27a48-cb58-4718-807b-4195950d210b",
"x-misp-attribute--55c27a48-6fdc-45fe-a0d0-49bc950d210b",
"indicator--55c36726-a770-4f30-be2f-4cb2950d210b",
"indicator--55c36726-f870-44d0-b7a3-4694950d210b",
"indicator--55c36726-d51c-4a1f-8813-4e98950d210b",
"indicator--55c36727-8f1c-4c52-9144-41b7950d210b",
"indicator--55c36727-2554-4dc2-a021-456c950d210b",
"indicator--55c36727-7300-4435-9162-439a950d210b",
"indicator--55c36727-a320-4e63-b01b-4622950d210b",
"indicator--55c36727-e4d4-438e-8619-4368950d210b",
"indicator--55c36728-9c9c-4db3-b6a4-417f950d210b",
"indicator--55c36728-cac8-4d4c-b98e-4de3950d210b",
"indicator--55c36728-aa44-4b06-9c23-4bb4950d210b",
"indicator--55c36728-f8f8-4262-8b9a-4d2b950d210b",
"indicator--55c36728-0ac0-4948-a1a9-4da1950d210b",
"indicator--55c36728-f42c-4713-8550-47a3950d210b",
"indicator--55c36729-7d48-4073-941c-4532950d210b",
"indicator--55c36729-6318-421f-9fa0-4c9a950d210b",
"indicator--55c36729-a47c-4892-9792-4616950d210b",
"indicator--55c36729-a414-423c-b154-4799950d210b",
"indicator--55c36729-f36c-42b4-bb29-4685950d210b",
"indicator--55c3672a-ab48-44bc-a110-4f63950d210b",
"indicator--55c3672a-6584-401e-935c-4ede950d210b",
"indicator--55c3672a-5334-4f20-97ca-41ad950d210b",
"indicator--55c3672a-fa44-445a-85d4-4a41950d210b",
"indicator--55c3672a-87b8-4b30-b71e-4531950d210b",
"indicator--55c3672b-2290-43bf-889e-48ee950d210b",
"indicator--55c3672b-43d8-46b3-9223-4e0f950d210b",
"indicator--55c3672b-007c-4b9d-9ae8-4ce8950d210b",
"indicator--55c3672b-3fc8-4280-9fd0-4cca950d210b",
"indicator--55c3672b-9f50-461e-bfd2-420f950d210b",
"indicator--55c3672b-e970-4763-b344-4617950d210b",
"indicator--55c3672c-0844-447c-812f-4d59950d210b",
"indicator--55c3672c-f924-4570-bbbe-4523950d210b",
"indicator--55c3672c-31d4-489f-83d9-4dd2950d210b",
"indicator--55c3672c-032c-485a-a1bd-4cc2950d210b",
"indicator--55c3672c-3eec-431e-a950-46d4950d210b",
"indicator--55c3672d-e654-4d1e-8938-43fb950d210b",
"indicator--55c3672d-df40-4ff4-9d1f-43f9950d210b",
"indicator--55c3672d-d9b0-4c1f-a3d6-4e27950d210b",
"indicator--55c3672d-5b7c-413b-8b08-4adf950d210b",
"indicator--55c3672d-172c-40c4-862c-4f48950d210b",
"indicator--55c3672e-2e20-4496-80cd-4cd8950d210b",
"indicator--55c3672e-bfa8-4216-8c72-4f5a950d210b",
"indicator--55c3672e-fc08-472f-9112-4767950d210b",
"indicator--55c3672e-61b4-4c16-96e3-4049950d210b",
"indicator--55c3672e-78bc-4799-83fb-4fdd950d210b",
"indicator--55c3672e-dc80-4db7-b646-4f06950d210b",
"indicator--55c3672f-ad0c-4af6-b59e-4f63950d210b",
"indicator--55c3672f-eecc-4735-b2c2-4031950d210b",
"indicator--55c3672f-acd4-429e-9f85-4eb3950d210b",
"indicator--55c3672f-43d4-487f-a37a-488a950d210b",
"indicator--55c3672f-cae0-4b2d-adfc-4db0950d210b",
"indicator--55c36730-468c-487b-b8bc-4e2f950d210b",
"indicator--55c36730-367c-4700-842c-432c950d210b",
"indicator--55c36730-9a78-4c43-970b-4692950d210b",
"indicator--55c36730-2a24-40bc-9eb8-4c52950d210b",
"indicator--55c36730-c2bc-456f-9abe-49d4950d210b",
"indicator--55c36731-4a00-4fb1-aba4-4610950d210b",
"indicator--55c36731-a808-4507-bef8-4a48950d210b",
"indicator--55c36731-7384-4e3d-934d-4b7a950d210b",
"indicator--55c36731-d150-4c90-bce2-400e950d210b",
"indicator--55c36731-f5e8-4313-8ecc-41b9950d210b",
"indicator--55c36731-1d28-49a9-b748-433b950d210b",
"indicator--55c36732-04c8-4eea-b353-4be5950d210b",
"indicator--55c36732-2fcc-4c80-8893-4c90950d210b",
"indicator--55c36732-a0fc-4e98-9b87-4046950d210b",
"indicator--55c36732-80a4-4797-bcec-4140950d210b",
"indicator--55c36732-a62c-41d9-8720-4e4c950d210b",
"indicator--55c36733-d57c-4dc3-b6fa-4e2c950d210b",
"indicator--55c36733-d494-46fc-94d2-4877950d210b",
"indicator--55c36733-e6b4-4eb5-9960-41a2950d210b",
"indicator--55c36733-2008-4b9c-a3d8-4980950d210b",
"indicator--55c36733-31e8-4961-8b1e-4b7c950d210b",
"indicator--55c36733-8a90-4253-93c1-4341950d210b",
"indicator--55c36734-fda8-4db6-8d80-4356950d210b",
"indicator--55c36734-4b14-4451-8e7a-4d82950d210b",
"indicator--55c36734-5cbc-43eb-89cd-47bd950d210b",
"indicator--55c36734-eecc-456e-8c9f-4ab1950d210b",
"indicator--55c36774-4644-4c88-88ce-6f83950d210b",
"indicator--55c36774-1648-49af-b303-6f83950d210b",
"indicator--55c36774-1188-4532-adea-6f83950d210b",
"indicator--55c36775-765c-413b-a743-6f83950d210b",
"indicator--55c36775-7374-459c-b68a-6f83950d210b",
"indicator--55c36775-bc0c-4d54-9017-6f83950d210b",
"indicator--55c36775-ba48-4d0d-b3a8-6f83950d210b",
"indicator--55c36775-b410-4f54-b3ff-6f83950d210b",
"indicator--55c36776-2c68-440e-b900-6f83950d210b",
"indicator--55c36776-d728-4bf7-a22e-6f83950d210b",
"indicator--55c36776-0f50-4fcc-bfa1-6f83950d210b",
"indicator--55c36776-bbf4-4abe-b7c9-6f83950d210b",
"indicator--55c36776-6cec-4832-a0f3-6f83950d210b",
"indicator--55c36777-bbe0-42b0-93cb-6f83950d210b",
"indicator--55c36777-2d2c-4d3c-a79d-6f83950d210b",
"indicator--55c36777-03d8-4711-813f-6f83950d210b",
"indicator--55c36777-8300-4b46-bc20-6f83950d210b",
"indicator--55c36777-df34-481e-a9a1-6f83950d210b",
"indicator--55c36777-6db8-4a0e-bcff-6f83950d210b",
"indicator--55c36778-2c08-487e-8ea2-6f83950d210b",
"indicator--55c36778-a270-4eb2-a502-6f83950d210b",
"indicator--55c36778-f190-4c79-8b9f-6f83950d210b",
"indicator--55c36778-fb44-4307-89bf-6f83950d210b",
"indicator--55c36778-efb8-4a38-95d0-6f83950d210b",
"indicator--55c36779-06fc-4c4a-934e-6f83950d210b",
"x-misp-attribute--55c36834-2db8-4280-8986-4ac8950d210b",
"x-misp-attribute--55c36834-d84c-49c6-a286-4640950d210b",
"x-misp-attribute--55c36834-2fec-4e93-8d57-4bd9950d210b",
"indicator--55c36857-2dfc-4318-97aa-4d97950d210b",
"indicator--55c36857-2bf4-4737-a01f-4ca1950d210b",
"indicator--55c36857-2510-4c4f-8ad1-4a26950d210b",
"indicator--55c36858-00c0-4aca-9640-4baf950d210b",
"indicator--55c36858-1b8c-42a8-9745-4042950d210b",
"indicator--55c36858-403c-40f7-bed5-4a74950d210b",
"indicator--55c36858-b6b8-416e-930f-4aeb950d210b",
"indicator--55c36858-756c-47b7-8d49-4b91950d210b",
"indicator--55c36859-1ca0-45a9-b3c0-449d950d210b",
"indicator--55c36859-6ef4-4acf-92c3-49b8950d210b",
"indicator--55c36859-91fc-43b5-a5c7-4be7950d210b",
"indicator--55c3686f-1af8-4d84-ad7c-4497950d210b",
"indicator--55c3686f-0d54-420d-a144-497d950d210b",
"indicator--55c3686f-3130-45be-840b-4d75950d210b",
"indicator--55c3686f-b7e4-44a3-85ba-42c1950d210b",
"indicator--55c3686f-6bf8-4c65-984d-4ef7950d210b",
"indicator--55c3686f-4928-4e09-a4a7-4a5f950d210b",
"indicator--55c36870-7a98-4832-a94c-4658950d210b",
"indicator--55c36870-e604-4d4f-937d-4ce9950d210b",
"indicator--55c36870-6e9c-45da-a17b-4e6f950d210b",
"indicator--55c36870-e4d8-473a-b60a-433d950d210b",
"indicator--55c36870-6af0-4b84-9986-4d32950d210b",
"indicator--55c36870-c754-449f-883a-4537950d210b",
"indicator--55c36871-b914-4d21-aceb-4d1d950d210b",
"indicator--55c36871-9d94-407a-8205-44f8950d210b",
"indicator--55c36871-bd78-4bc9-8626-4ade950d210b",
"indicator--55c36871-cd70-496d-839c-4efb950d210b",
"indicator--55c36871-5fc0-440e-b10f-4e29950d210b",
"indicator--55c36871-3878-4803-958e-4e32950d210b",
"indicator--55c36872-8694-421e-aa40-4652950d210b",
"indicator--55c36872-dcdc-4dfb-b31c-4322950d210b",
"indicator--55c36872-bfb4-4b4b-9776-447e950d210b",
"indicator--55c36872-c8b0-43ce-815e-471e950d210b",
"indicator--55c36872-1904-42b8-b2ca-446b950d210b",
"indicator--55c36872-1b84-4fe1-970e-4631950d210b",
"indicator--55c36873-e4b0-45ff-9261-4374950d210b",
"indicator--55c36873-9690-4841-a508-4f7e950d210b",
"indicator--55c36873-8544-48ab-bb83-4735950d210b",
"indicator--55c36873-4338-4048-9d54-4929950d210b",
"indicator--55c36873-4c60-4dd6-81d8-4f58950d210b",
"indicator--55c36873-bb24-49cc-971e-4c41950d210b",
"indicator--55c36873-4740-4383-ac1c-44eb950d210b",
"indicator--55c36874-80e4-4c97-8692-463b950d210b",
"indicator--55c36874-363c-433c-927f-4833950d210b",
"indicator--55c36874-710c-4b1e-8f72-42ea950d210b",
"indicator--55c36874-3304-47cd-a673-48a9950d210b",
"indicator--55c36874-f46c-43b5-85da-4210950d210b",
"indicator--55c36874-960c-4238-a068-48a1950d210b",
"indicator--55c36875-02cc-4140-81cc-4042950d210b",
"indicator--55c36875-debc-44de-90f5-4a4a950d210b",
"indicator--55c36875-9ea8-4121-a2a6-49a1950d210b",
"indicator--55c36875-4664-4cf7-88e5-4684950d210b",
"indicator--55c36875-384c-4a2b-8a94-4411950d210b",
"indicator--55c36875-3d84-4e00-a40e-4fb1950d210b",
"indicator--55c36875-11c0-405a-a96d-4ce0950d210b",
"indicator--55c36876-e770-482d-90b0-4c7a950d210b",
"indicator--55c36876-8944-4b59-884b-4175950d210b",
"indicator--55c36876-4b18-489d-8a7d-45c5950d210b",
"indicator--55c36876-8b18-4545-a7ba-4f5b950d210b",
"indicator--55c36876-2d08-40cc-87d0-4d09950d210b",
"indicator--55c36876-ca64-42cc-b5a3-4b0b950d210b",
"indicator--55c36877-ce08-4ebb-b1f1-4336950d210b",
"indicator--55c36877-f704-4b00-958d-4cb2950d210b",
"indicator--55c36877-e380-4c60-b246-4669950d210b",
"indicator--55c36877-f5a8-48c9-9382-45a6950d210b",
"indicator--55c36877-6460-4329-a5f9-4912950d210b",
"indicator--55c36877-ee7c-4c1e-8f1b-48e9950d210b",
"indicator--55c36877-aa7c-4358-b8a5-46c5950d210b",
"indicator--55c36878-1920-4cf0-b04a-49b4950d210b",
"indicator--55c36878-50d0-462c-894a-44fd950d210b",
"indicator--55c36878-3170-43c4-8380-46a3950d210b",
"indicator--55c36878-6a38-4453-b818-40d5950d210b",
"indicator--55c36878-523c-43b0-9130-4e11950d210b",
"indicator--55c36878-d258-4837-9db2-4e26950d210b",
"indicator--55c36879-2e00-49d1-b8e3-47ca950d210b",
"indicator--55c36879-6ccc-4bde-95f3-4888950d210b",
"indicator--55c36879-d0fc-4d15-875b-4b2b950d210b",
"indicator--55c36879-adb4-489b-a437-4e9b950d210b",
"indicator--55c36879-73bc-448e-a0e0-4599950d210b",
"indicator--55c36879-a16c-45a7-94fb-48f3950d210b",
"indicator--55c36879-0284-4809-a976-43b5950d210b",
"indicator--55c3687a-34bc-4564-818c-430e950d210b",
"indicator--55c3687a-ea54-4d23-ba16-4a1f950d210b",
"indicator--55c3687a-2980-477c-9b94-4d5b950d210b",
"indicator--55c3687a-59d8-4cad-a94a-4e7a950d210b",
"indicator--55c3687a-d218-4fe2-997e-48dd950d210b",
"indicator--55c3687a-77f0-4936-b314-4c68950d210b",
"indicator--55c3687b-4e3c-4b59-a142-4a2c950d210b",
"indicator--55c3687b-06f4-4fec-8d17-4068950d210b",
"indicator--55c3687b-bc60-4382-b196-4a4d950d210b",
"indicator--55c3687b-1fb8-4593-8432-43d4950d210b",
"indicator--55c3687b-5470-45bd-bb14-4e16950d210b",
"indicator--55c3687b-5144-4824-9c70-4769950d210b",
"indicator--55c3687c-e1d4-45b4-8735-40fe950d210b",
"indicator--55c3687c-a674-445a-81a9-4ef7950d210b",
"indicator--55c3687c-be94-4b1c-9c8e-472d950d210b",
"indicator--55c3687c-6030-4ea7-bbdd-48b1950d210b",
"indicator--55c3688a-0244-4c3a-8d9c-44f2950d210b",
"indicator--55c3688a-88f0-46ad-8598-4347950d210b",
"indicator--55c3688b-9598-463c-aa27-4178950d210b",
"indicator--55c3688b-0e7c-4b60-b601-428d950d210b",
"indicator--55c3688b-4acc-46d1-bd6f-4da9950d210b",
"vulnerability--55c368e0-9228-44ef-b4c0-4541950d210b",
"vulnerability--55c368e0-8118-4882-84a0-41fa950d210b",
"indicator--56c66fc9-00bc-4521-ac22-599c950d210f",
"indicator--56c66fcc-9ef8-4710-9677-c651950d210f",
"indicator--56c66fce-2f0c-406b-a770-c654950d210f",
"indicator--56c66fd0-45bc-461e-afe0-59a1950d210f",
"indicator--56c66fd2-7628-4831-8a8c-599d950d210f",
"indicator--56c66fd7-c844-4cf5-9d45-c653950d210f",
"indicator--56c66fdb-a3dc-4d99-81de-599c950d210f",
"indicator--56c66fde-6268-48f4-b377-48e1950d210f",
"indicator--56c66fdf-90f0-4af6-86cd-c650950d210f",
"indicator--56c66fe0-563c-4210-92f3-599f950d210f",
"indicator--56c66fe2-29fc-4dea-b6f7-5ca1950d210f",
"indicator--56c66fe3-48e8-4749-868a-c651950d210f",
"indicator--56c66fe5-13fc-4f66-924c-4c4b950d210f",
"indicator--56c66fe6-094c-4448-b710-463c950d210f",
"indicator--56c66fca-3e74-4580-9285-c651950d210f",
"indicator--56c66fcc-fcc4-4cae-8c13-59a0950d210f",
"indicator--56c66fce-df60-4f03-991a-59a4950d210f",
"indicator--56c66fd0-5650-4895-8c3e-40f3950d210f",
"indicator--56c66fd3-1828-4a72-9171-599f950d210f",
"indicator--56c66fd8-4cac-45f7-ae6d-c654950d210f",
"indicator--56c66fdb-24d4-43b8-88b8-599f950d210f",
"indicator--56c66fde-7534-49d5-a04d-5ca1950d210f",
"indicator--56c66fe0-8dc0-4106-9f64-c652950d210f",
"indicator--56c66fe1-dd60-4b20-8ab8-c653950d210f",
"indicator--56c66fe2-f974-411c-8fbe-c650950d210f",
"indicator--56c66fe4-7a7c-4d3b-bf29-43c0950d210f",
"indicator--56c66fe5-019c-484b-93af-c654950d210f",
"indicator--56c66fe7-3414-4ffb-a392-4ec6950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT"
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--55c27a1d-ed04-4102-b03e-432a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-05T21:03:25.000Z",
"modified": "2015-08-05T21:03:25.000Z",
"first_observed": "2015-08-05T21:03:25Z",
"last_observed": "2015-08-05T21:03:25Z",
"number_observed": 1,
"object_refs": [
"url--55c27a1d-ed04-4102-b03e-432a950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--55c27a1d-ed04-4102-b03e-432a950d210b",
"value": "http://www.secureworks.com/resources/blog/revealing-the-cyber-kraken/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--55c27a1d-b958-43a6-9363-4f1d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-05T21:03:25.000Z",
"modified": "2015-08-05T21:03:25.000Z",
"first_observed": "2015-08-05T21:03:25Z",
"last_observed": "2015-08-05T21:03:25Z",
"number_observed": 1,
"object_refs": [
"url--55c27a1d-b958-43a6-9363-4f1d950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--55c27a1d-b958-43a6-9363-4f1d950d210b",
"value": "http://www.secureworks.com/cyber-threat-intelligence/threats/threat-group-3390-targets-organizations-for-cyberespionage/"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--55c27a48-cb58-4718-807b-4195950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-05T21:04:08.000Z",
"modified": "2015-08-05T21:04:08.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "TG-3390"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--55c27a48-6fdc-45fe-a0d0-49bc950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-05T21:04:08.000Z",
"modified": "2015-08-05T21:04:08.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Emissary Panda"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36726-a770-4f30-be2f-4cb2950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:46.000Z",
"modified": "2015-08-06T13:54:46.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'american.blackcmd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36726-f870-44d0-b7a3-4694950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:46.000Z",
"modified": "2015-08-06T13:54:46.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'api.apigmail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36726-d51c-4a1f-8813-4e98950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:46.000Z",
"modified": "2015-08-06T13:54:46.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'apigmail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36727-8f1c-4c52-9144-41b7950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:47.000Z",
"modified": "2015-08-06T13:54:47.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'backup.darkhero.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36727-2554-4dc2-a021-456c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:47.000Z",
"modified": "2015-08-06T13:54:47.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'bel.updatawindows.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36727-7300-4435-9162-439a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:47.000Z",
"modified": "2015-08-06T13:54:47.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'binary.update-onlines.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36727-a320-4e63-b01b-4622950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:47.000Z",
"modified": "2015-08-06T13:54:47.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'blackcmd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36727-e4d4-438e-8619-4368950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:47.000Z",
"modified": "2015-08-06T13:54:47.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'castle.blackcmd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36728-9c9c-4db3-b6a4-417f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:48.000Z",
"modified": "2015-08-06T13:54:48.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'ctcb.blackcmd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36728-cac8-4d4c-b98e-4de3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:48.000Z",
"modified": "2015-08-06T13:54:48.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'darkhero.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36728-aa44-4b06-9c23-4bb4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:48.000Z",
"modified": "2015-08-06T13:54:48.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'dav.local-test.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36728-f8f8-4262-8b9a-4d2b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:48.000Z",
"modified": "2015-08-06T13:54:48.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'test.local-test.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36728-0ac0-4948-a1a9-4da1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:48.000Z",
"modified": "2015-08-06T13:54:48.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'dev.local-test.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36728-f42c-4713-8550-47a3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:48.000Z",
"modified": "2015-08-06T13:54:48.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'ocean.local-test.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36729-7d48-4073-941c-4532950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:49.000Z",
"modified": "2015-08-06T13:54:49.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'ga.blackcmd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36729-6318-421f-9fa0-4c9a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:49.000Z",
"modified": "2015-08-06T13:54:49.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'helpdesk.blackcmd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36729-a47c-4892-9792-4616950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:49.000Z",
"modified": "2015-08-06T13:54:49.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'helpdesk.csc-na.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36729-a414-423c-b154-4799950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:49.000Z",
"modified": "2015-08-06T13:54:49.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'helpdesk.hotmail-onlines.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36729-f36c-42b4-bb29-4685950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:49.000Z",
"modified": "2015-08-06T13:54:49.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'helpdesk.lnip.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672a-ab48-44bc-a110-4f63950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:50.000Z",
"modified": "2015-08-06T13:54:50.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'hotmail-onlines.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672a-6584-401e-935c-4ede950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:50.000Z",
"modified": "2015-08-06T13:54:50.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'jobs.hotmail-onlines.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672a-5334-4f20-97ca-41ad950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:50.000Z",
"modified": "2015-08-06T13:54:50.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'justufogame.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672a-fa44-445a-85d4-4a41950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:50.000Z",
"modified": "2015-08-06T13:54:50.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'lnip.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672a-87b8-4b30-b71e-4531950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:50.000Z",
"modified": "2015-08-06T13:54:50.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'local-test.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672b-2290-43bf-889e-48ee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:51.000Z",
"modified": "2015-08-06T13:54:51.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'login.hansoftupdate.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672b-43d8-46b3-9223-4e0f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:51.000Z",
"modified": "2015-08-06T13:54:51.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'long.update-onlines.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672b-007c-4b9d-9ae8-4ce8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:51.000Z",
"modified": "2015-08-06T13:54:51.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'longlong.update-onlines.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672b-3fc8-4280-9fd0-4cca950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:51.000Z",
"modified": "2015-08-06T13:54:51.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'longshadow.dyndns.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672b-9f50-461e-bfd2-420f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:51.000Z",
"modified": "2015-08-06T13:54:51.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'longshadow.update-onlines.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672b-e970-4763-b344-4617950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:51.000Z",
"modified": "2015-08-06T13:54:51.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'longykcai.update-onlines.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672c-0844-447c-812f-4d59950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:52.000Z",
"modified": "2015-08-06T13:54:52.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'lostself.update-onlines.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672c-f924-4570-bbbe-4523950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:52.000Z",
"modified": "2015-08-06T13:54:52.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'mac.navydocument.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672c-31d4-489f-83d9-4dd2950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:52.000Z",
"modified": "2015-08-06T13:54:52.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'mail.csc-na.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672c-032c-485a-a1bd-4cc2950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:52.000Z",
"modified": "2015-08-06T13:54:52.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'mantech.updatawindows.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672c-3eec-431e-a950-46d4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:52.000Z",
"modified": "2015-08-06T13:54:52.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'micr0soft.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672d-e654-4d1e-8938-43fb950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:53.000Z",
"modified": "2015-08-06T13:54:53.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'microsoft-outlook.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672d-df40-4ff4-9d1f-43f9950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:53.000Z",
"modified": "2015-08-06T13:54:53.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'mtc.navydocument.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672d-d9b0-4c1f-a3d6-4e27950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:53.000Z",
"modified": "2015-08-06T13:54:53.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'navydocument.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672d-5b7c-413b-8b08-4adf950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:53.000Z",
"modified": "2015-08-06T13:54:53.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'mtc.update-onlines.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672d-172c-40c4-862c-4f48950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:53.000Z",
"modified": "2015-08-06T13:54:53.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'news.hotmail-onlines.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672e-2e20-4496-80cd-4cd8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:54.000Z",
"modified": "2015-08-06T13:54:54.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'oac.3322.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672e-bfa8-4216-8c72-4f5a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:54.000Z",
"modified": "2015-08-06T13:54:54.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'ocean.apigmail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672e-fc08-472f-9112-4767950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:54.000Z",
"modified": "2015-08-06T13:54:54.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'pchomeserver.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672e-61b4-4c16-96e3-4049950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:54.000Z",
"modified": "2015-08-06T13:54:54.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'registre.organiccrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672e-78bc-4799-83fb-4fdd950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:54.000Z",
"modified": "2015-08-06T13:54:54.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'security.pomsys.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672e-dc80-4db7-b646-4f06950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:54.000Z",
"modified": "2015-08-06T13:54:54.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'services.darkhero.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672f-ad0c-4af6-b59e-4f63950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:55.000Z",
"modified": "2015-08-06T13:54:55.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'sgl.updatawindows.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672f-eecc-4735-b2c2-4031950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:55.000Z",
"modified": "2015-08-06T13:54:55.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'shadow.update-onlines.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672f-acd4-429e-9f85-4eb3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:55.000Z",
"modified": "2015-08-06T13:54:55.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'sonoco.blackcmd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672f-43d4-487f-a37a-488a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:55.000Z",
"modified": "2015-08-06T13:54:55.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'test.logmastre.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3672f-cae0-4b2d-adfc-4db0950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:55.000Z",
"modified": "2015-08-06T13:54:55.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'up.gtalklite.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36730-468c-487b-b8bc-4e2f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:56.000Z",
"modified": "2015-08-06T13:54:56.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'updatawindows.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36730-367c-4700-842c-432c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:56.000Z",
"modified": "2015-08-06T13:54:56.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'update-onlines.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36730-9a78-4c43-970b-4692950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:56.000Z",
"modified": "2015-08-06T13:54:56.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'update.deepsoftupdate.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36730-2a24-40bc-9eb8-4c52950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:56.000Z",
"modified": "2015-08-06T13:54:56.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'update.hancominc.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36730-c2bc-456f-9abe-49d4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:56.000Z",
"modified": "2015-08-06T13:54:56.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'update.micr0soft.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36731-4a00-4fb1-aba4-4610950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:57.000Z",
"modified": "2015-08-06T13:54:57.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'update.pchomeserver.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36731-a808-4507-bef8-4a48950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:57.000Z",
"modified": "2015-08-06T13:54:57.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'urs.blackcmd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36731-7384-4e3d-934d-4b7a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:57.000Z",
"modified": "2015-08-06T13:54:57.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'wang.darkhero.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36731-d150-4c90-bce2-400e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:57.000Z",
"modified": "2015-08-06T13:54:57.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'webs.local-test.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36731-f5e8-4313-8ecc-41b9950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:57.000Z",
"modified": "2015-08-06T13:54:57.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'word.apigmail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36731-1d28-49a9-b748-433b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:57.000Z",
"modified": "2015-08-06T13:54:57.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'wordpress.blackcmd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36732-04c8-4eea-b353-4be5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:58.000Z",
"modified": "2015-08-06T13:54:58.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'working.blackcmd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36732-2fcc-4c80-8893-4c90950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:58.000Z",
"modified": "2015-08-06T13:54:58.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'working.darkhero.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36732-a0fc-4e98-9b87-4046950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:58.000Z",
"modified": "2015-08-06T13:54:58.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'working.hotmail-onlines.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36732-80a4-4797-bcec-4140950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:58.000Z",
"modified": "2015-08-06T13:54:58.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'www.trendmicro-update.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36732-a62c-41d9-8720-4e4c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:58.000Z",
"modified": "2015-08-06T13:54:58.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'www.update-onlines.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36733-d57c-4dc3-b6fa-4e2c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:59.000Z",
"modified": "2015-08-06T13:54:59.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'x.apigmail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36733-d494-46fc-94d2-4877950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:59.000Z",
"modified": "2015-08-06T13:54:59.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'ykcai.update-onlines.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36733-e6b4-4eb5-9960-41a2950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:59.000Z",
"modified": "2015-08-06T13:54:59.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'ykcailostself.dyndns-free.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36733-2008-4b9c-a3d8-4980950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:59.000Z",
"modified": "2015-08-06T13:54:59.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'ykcainobody.dyndns.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36733-31e8-4961-8b1e-4b7c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:59.000Z",
"modified": "2015-08-06T13:54:59.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'zj.blackcmd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36733-8a90-4253-93c1-4341950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:54:59.000Z",
"modified": "2015-08-06T13:54:59.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'laxness-lab.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:54:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36734-fda8-4db6-8d80-4356950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:55:00.000Z",
"modified": "2015-08-06T13:55:00.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'google-ana1ytics.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:55:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36734-4b14-4451-8e7a-4d82950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:55:00.000Z",
"modified": "2015-08-06T13:55:00.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'www.google-ana1ytics.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:55:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36734-5cbc-43eb-89cd-47bd950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:55:00.000Z",
"modified": "2015-08-06T13:55:00.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'ftp.google-ana1ytics.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:55:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36734-eecc-456e-8c9f-4ab1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:55:00.000Z",
"modified": "2015-08-06T13:55:00.000Z",
"description": "Imported via the freetext import.",
"pattern": "[domain-name:value = 'hotmailcontact.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:55:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36774-4644-4c88-88ce-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:04.000Z",
"modified": "2015-08-06T13:56:04.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.115.242.36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36774-1648-49af-b303-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:04.000Z",
"modified": "2015-08-06T13:56:04.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.115.242.37']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36774-1188-4532-adea-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:04.000Z",
"modified": "2015-08-06T13:56:04.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.115.242.38']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36775-765c-413b-a743-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:05.000Z",
"modified": "2015-08-06T13:56:05.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '66.63.178.142']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36775-7374-459c-b68a-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:05.000Z",
"modified": "2015-08-06T13:56:05.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '72.11.148.220']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36775-bc0c-4d54-9017-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:05.000Z",
"modified": "2015-08-06T13:56:05.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '72.11.141.133']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36775-ba48-4d0d-b3a8-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:05.000Z",
"modified": "2015-08-06T13:56:05.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '74.63.195.236']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36775-b410-4f54-b3ff-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:05.000Z",
"modified": "2015-08-06T13:56:05.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '74.63.195.237']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36776-2c68-440e-b900-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:06.000Z",
"modified": "2015-08-06T13:56:06.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '74.63.195.238']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36776-d728-4bf7-a22e-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:06.000Z",
"modified": "2015-08-06T13:56:06.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.24.0.142']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36776-0f50-4fcc-bfa1-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:06.000Z",
"modified": "2015-08-06T13:56:06.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.24.1.54']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36776-bbf4-4abe-b7c9-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:06.000Z",
"modified": "2015-08-06T13:56:06.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '106.187.45.162']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36776-6cec-4832-a0f3-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:06.000Z",
"modified": "2015-08-06T13:56:06.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.151.236.138']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36777-bbe0-42b0-93cb-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:07.000Z",
"modified": "2015-08-06T13:56:07.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.161.61.19']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36777-2d2c-4d3c-a79d-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:07.000Z",
"modified": "2015-08-06T13:56:07.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.161.61.20']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36777-03d8-4711-813f-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:07.000Z",
"modified": "2015-08-06T13:56:07.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.161.61.22']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36777-8300-4b46-bc20-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:07.000Z",
"modified": "2015-08-06T13:56:07.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '67.215.232.179']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36777-df34-481e-a9a1-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:07.000Z",
"modified": "2015-08-06T13:56:07.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '96.44.177.195']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36777-6db8-4a0e-bcff-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:07.000Z",
"modified": "2015-08-06T13:56:07.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '49.143.192.221']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36778-2c08-487e-8ea2-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:08.000Z",
"modified": "2015-08-06T13:56:08.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '67.215.232.181']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36778-a270-4eb2-a502-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:08.000Z",
"modified": "2015-08-06T13:56:08.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '67.215.232.182']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36778-f190-4c79-8b9f-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:08.000Z",
"modified": "2015-08-06T13:56:08.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '96.44.182.243']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36778-fb44-4307-89bf-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:08.000Z",
"modified": "2015-08-06T13:56:08.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '96.44.182.245']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36778-efb8-4a38-95d0-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:08.000Z",
"modified": "2015-08-06T13:56:08.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '96.44.182.246']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36779-06fc-4c4a-934e-6f83950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:56:09.000Z",
"modified": "2015-08-06T13:56:09.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '49.143.205.30']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:56:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--55c36834-2db8-4280-8986-4ac8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:32:15.000Z",
"modified": "2016-04-15T19:32:15.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\"",
"misp:to_ids=\"True\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "Registrant emails",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "working_success@163.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--55c36834-d84c-49c6-a286-4640950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:31:32.000Z",
"modified": "2016-04-15T19:31:32.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\"",
"misp:to_ids=\"True\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "Registrant emails",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "ykcaihyl@163.com"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--55c36834-2fec-4e93-8d57-4bd9950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:31:21.000Z",
"modified": "2016-04-15T19:31:21.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\"",
"misp:to_ids=\"True\""
],
"x_misp_category": "Attribution",
"x_misp_comment": "Registrant emails",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "yuming@yinsibaohu.aliyun.com"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36857-2dfc-4318-97aa-4d97950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:59:51.000Z",
"modified": "2015-08-06T13:59:51.000Z",
"description": "HttpBrowser RAT dropper",
"pattern": "[file:hashes.MD5 = '1cb4b74e9d030afbb18accf6ee2bfca1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:59:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload installation"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload installation\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36857-2bf4-4737-a01f-4ca1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:59:51.000Z",
"modified": "2015-08-06T13:59:51.000Z",
"description": "HttpBrowser RAT dropper",
"pattern": "[file:hashes.MD5 = 'b333b5d541a0488f4e710ae97c46d9c2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:59:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload installation"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload installation\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36857-2510-4c4f-8ad1-4a26950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:59:51.000Z",
"modified": "2015-08-06T13:59:51.000Z",
"description": "HttpBrowser RAT dropper",
"pattern": "[file:hashes.MD5 = '86a05dcffe87caf7099dda44d9ec6b48']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:59:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload installation"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload installation\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36858-00c0-4aca-9640-4baf950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:59:52.000Z",
"modified": "2015-08-06T13:59:52.000Z",
"description": "HttpBrowser RAT dropper",
"pattern": "[file:hashes.MD5 = '93e40da0bd78bebe5e1b98c6324e9b5b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:59:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload installation"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload installation\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36858-1b8c-42a8-9745-4042950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:59:52.000Z",
"modified": "2015-08-06T13:59:52.000Z",
"description": "HttpBrowser RAT dropper",
"pattern": "[file:hashes.MD5 = 'f43d9c3e17e8480a36a62ef869212419']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:59:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload installation"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload installation\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36858-403c-40f7-bed5-4a74950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:59:52.000Z",
"modified": "2015-08-06T13:59:52.000Z",
"description": "HttpBrowser RAT dropper",
"pattern": "[file:hashes.MD5 = '57e85fc30502a925ffed16082718ec6c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:59:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload installation"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload installation\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36858-b6b8-416e-930f-4aeb950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:59:52.000Z",
"modified": "2015-08-06T13:59:52.000Z",
"description": "HttpBrowser RAT dropper",
"pattern": "[file:hashes.MD5 = '4251aaf38a485b08d5562c6066370f09']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:59:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload installation"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload installation\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36858-756c-47b7-8d49-4b91950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:59:52.000Z",
"modified": "2015-08-06T13:59:52.000Z",
"description": "HttpBrowser RAT dropper",
"pattern": "[file:hashes.MD5 = 'bbfd1e703f55ce779b536b5646a0cdc1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:59:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload installation"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload installation\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36859-1ca0-45a9-b3c0-449d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:59:53.000Z",
"modified": "2015-08-06T13:59:53.000Z",
"description": "HttpBrowser RAT dropper",
"pattern": "[file:hashes.MD5 = '12a522cb96700c82dc964197adb57ddf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:59:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload installation"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload installation\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36859-6ef4-4acf-92c3-49b8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:59:53.000Z",
"modified": "2015-08-06T13:59:53.000Z",
"description": "HttpBrowser RAT dropper",
"pattern": "[file:hashes.MD5 = '728e5700a401498d91fb83159beec834']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:59:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload installation"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload installation\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36859-91fc-43b5-a5c7-4be7950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T13:59:53.000Z",
"modified": "2015-08-06T13:59:53.000Z",
"description": "HttpBrowser RAT dropper",
"pattern": "[file:hashes.MD5 = '2bec1860499aae1dbcc92f48b276f998']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T13:59:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload installation"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload installation\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3686f-1af8-4d84-ad7c-4497950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:15.000Z",
"modified": "2015-08-06T14:00:15.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '014122d7851fa8bf4070a8fc2acd5dc5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3686f-0d54-420d-a144-497d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:15.000Z",
"modified": "2015-08-06T14:00:15.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '0ae996b31a2c3ed3f0bc14c7a96bea38']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3686f-3130-45be-840b-4d75950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:15.000Z",
"modified": "2015-08-06T14:00:15.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '1a76681986f99b216d5c0f17ccff2a12']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3686f-b7e4-44a3-85ba-42c1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:15.000Z",
"modified": "2015-08-06T14:00:15.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '380c02b1fd93eb22028862117a2f19e3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3686f-6bf8-4c65-984d-4ef7950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:15.000Z",
"modified": "2015-08-06T14:00:15.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '40a9a22da928cbb70df48d5a3106d887']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3686f-4928-4e09-a4a7-4a5f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:15.000Z",
"modified": "2015-08-06T14:00:15.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '46cf2f9b4a4c35b62a32f28ac847c575']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36870-7a98-4832-a94c-4658950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:16.000Z",
"modified": "2015-08-06T14:00:16.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '5436c3469cb1d87ea404e8989b28758d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36870-e604-4d4f-937d-4ce9950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:16.000Z",
"modified": "2015-08-06T14:00:16.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '692cecc94ac440ec673dc69f37bc0409']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36870-6e9c-45da-a17b-4e6f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:16.000Z",
"modified": "2015-08-06T14:00:16.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '6a39a4e9933407aef31fdc3dfa2a2a95']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36870-e4d8-473a-b60a-433d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:16.000Z",
"modified": "2015-08-06T14:00:16.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '8b4ed3b392ee5da139c16b8bca38ea5e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36870-6af0-4b84-9986-4d32950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:16.000Z",
"modified": "2015-08-06T14:00:16.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '8ea5d8bb6b28191e4436456c35477e39']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36870-c754-449f-883a-4537950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:16.000Z",
"modified": "2015-08-06T14:00:16.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '9271bcfbba056c8f80c7f04d72efd62d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36871-b914-4d21-aceb-4d1d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:17.000Z",
"modified": "2015-08-06T14:00:17.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '996843b55a7c5c7a36e8c6956e599610']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36871-9d94-407a-8205-44f8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:17.000Z",
"modified": "2015-08-06T14:00:17.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'a554efc889714c70e9362bdc81fadd6a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36871-bd78-4bc9-8626-4ade950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:17.000Z",
"modified": "2015-08-06T14:00:17.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'c9c93c2d62a084031872aab96202ee3e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36871-cd70-496d-839c-4efb950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:17.000Z",
"modified": "2015-08-06T14:00:17.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'ddbdf0efdf26e0c267ef6155edb0e6b8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36871-5fc0-440e-b10f-4e29950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:17.000Z",
"modified": "2015-08-06T14:00:17.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'e7df18a17d8e7c2ed541a57020444068']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36871-3878-4803-958e-4e32950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:17.000Z",
"modified": "2015-08-06T14:00:17.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'ea4dcafc224f604c096032dde33a1d6d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36872-8694-421e-aa40-4652950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:18.000Z",
"modified": "2015-08-06T14:00:18.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'f658bb17d69912404f34532901edad0e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36872-dcdc-4dfb-b31c-4322950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:18.000Z",
"modified": "2015-08-06T14:00:18.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'f869a1b40f6438dfdd89e73480103211']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36872-bfb4-4b4b-9776-447e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:18.000Z",
"modified": "2015-08-06T14:00:18.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '81ed752590752016cb1c12f3e9ab3454']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36872-c8b0-43ce-815e-471e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:18.000Z",
"modified": "2015-08-06T14:00:18.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '5ef719f8aeb9bf97beb24a5c2ed19173']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36872-1904-42b8-b2ca-446b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:18.000Z",
"modified": "2015-08-06T14:00:18.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '7ec91768376324be2bad4fd30b1c2051']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36872-1b84-4fe1-970e-4631950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:18.000Z",
"modified": "2015-08-06T14:00:18.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '20c446ad2d7d1586138b493ecddfbbc7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36873-e4b0-45ff-9261-4374950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:19.000Z",
"modified": "2015-08-06T14:00:19.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '44cf0793e05ba843dd53bbc7020e0f1c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36873-9690-4841-a508-4f7e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:19.000Z",
"modified": "2015-08-06T14:00:19.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '02826bb6636337963cc5162e6f87745e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36873-8544-48ab-bb83-4735950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:19.000Z",
"modified": "2015-08-06T14:00:19.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '1606ab7a54735af654ee6deb7427f652']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36873-4338-4048-9d54-4929950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:19.000Z",
"modified": "2015-08-06T14:00:19.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '1539b3a5921203f0e2b6c05d692ffa27']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36873-4c60-4dd6-81d8-4f58950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:19.000Z",
"modified": "2015-08-06T14:00:19.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'c66e09429ad6669321e5c69b1d78c082']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36873-bb24-49cc-971e-4c41950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:19.000Z",
"modified": "2015-08-06T14:00:19.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '225e10e362eeee15ec64246ac021f4d6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36873-4740-4383-ac1c-44eb950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:19.000Z",
"modified": "2015-08-06T14:00:19.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'a631fc7c45cbdf80992b9d730df0ff51']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36874-80e4-4c97-8692-463b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:20.000Z",
"modified": "2015-08-06T14:00:20.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'af785b4df71da0786bcae233e55cf6c1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36874-363c-433c-927f-4833950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:20.000Z",
"modified": "2015-08-06T14:00:20.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'e3e0f3ad4ff3b981b513cc66b37583e8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36874-710c-4b1e-8f72-42ea950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:20.000Z",
"modified": "2015-08-06T14:00:20.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '5cd0e97a1f09001af5213462aa3f7eb1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36874-3304-47cd-a673-48a9950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:20.000Z",
"modified": "2015-08-06T14:00:20.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '15fd9c04d6099273a9acf8feab81acfe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36874-f46c-43b5-85da-4210950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:20.000Z",
"modified": "2015-08-06T14:00:20.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'ea8b9e0bf95fc0c71694310cb685cd3b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36874-960c-4238-a068-48a1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:20.000Z",
"modified": "2015-08-06T14:00:20.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '5c3ab475be110ec59257617ee1388e01']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36875-02cc-4140-81cc-4042950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:21.000Z",
"modified": "2015-08-06T14:00:21.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '6aac7417ea1eb60a869597af9049b8fa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36875-debc-44de-90f5-4a4a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:21.000Z",
"modified": "2015-08-06T14:00:21.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '372f5370085a63f5b660fab635ce6cd7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36875-9ea8-4121-a2a6-49a1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:21.000Z",
"modified": "2015-08-06T14:00:21.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'fac4885324cb67bd421d6250fdc9533c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36875-4664-4cf7-88e5-4684950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:21.000Z",
"modified": "2015-08-06T14:00:21.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'e7e555615a07040bb5dbe9ce59ac5d11']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36875-384c-4a2b-8a94-4411950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:21.000Z",
"modified": "2015-08-06T14:00:21.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'ff34cb1d90d76a656546293e879afe22']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36875-3d84-4e00-a40e-4fb1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:21.000Z",
"modified": "2015-08-06T14:00:21.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '2abf7421c34c60d48e09325a206e720e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36875-11c0-405a-a96d-4ce0950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:21.000Z",
"modified": "2015-08-06T14:00:21.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '396b4317db07cc8a2480786160b33044']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36876-e770-482d-90b0-4c7a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:22.000Z",
"modified": "2015-08-06T14:00:22.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'e404873d3fcd0268db10657b53bdab64']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36876-8944-4b59-884b-4175950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:22.000Z",
"modified": "2015-08-06T14:00:22.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '6e4189b20adb253b3c1ad7f8fdc95009']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36876-4b18-489d-8a7d-45c5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:22.000Z",
"modified": "2015-08-06T14:00:22.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'bff424289c38d389a8cafb16b47dfe39']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36876-8b18-4545-a7ba-4f5b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:22.000Z",
"modified": "2015-08-06T14:00:22.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '7294c7f3860315d51f74152e8ad353df']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36876-2d08-40cc-87d0-4d09950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:22.000Z",
"modified": "2015-08-06T14:00:22.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '40092f76fea082b05e9631d91975a401']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36876-ca64-42cc-b5a3-4b0b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:22.000Z",
"modified": "2015-08-06T14:00:22.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'e42fce74bbd637c35320cf4e95f5e055']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36877-ce08-4ebb-b1f1-4336950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:23.000Z",
"modified": "2015-08-06T14:00:23.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'd0dafc3716a0d0ce393cde30b2b14a07']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36877-f704-4b00-958d-4cb2950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:23.000Z",
"modified": "2015-08-06T14:00:23.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'ae66bad0c7de88ab0ab1050c4bec9095']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36877-e380-4c60-b246-4669950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:23.000Z",
"modified": "2015-08-06T14:00:23.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'c7c2be1cd3780b2ba4638cef9a5422c7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36877-f5a8-48c9-9382-45a6950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:23.000Z",
"modified": "2015-08-06T14:00:23.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '405949955b1cb65673c16bf7c8da2f4d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36877-6460-4329-a5f9-4912950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:23.000Z",
"modified": "2015-08-06T14:00:23.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'ff4f052dbe73a81403df5e98313000fb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36877-ee7c-4c1e-8f1b-48e9950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:23.000Z",
"modified": "2015-08-06T14:00:23.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'b30fcd362c7b8ac75b7dddfe6cb448c7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36877-aa7c-4358-b8a5-46c5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:23.000Z",
"modified": "2015-08-06T14:00:23.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '1d24f4d20b80562de46a8ac95d0ff8c2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36878-1920-4cf0-b04a-49b4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:24.000Z",
"modified": "2015-08-06T14:00:24.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '9538bbdb3a73201b40296e9d4dc80ade']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36878-50d0-462c-894a-44fd950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:24.000Z",
"modified": "2015-08-06T14:00:24.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '46bb2caeda30c09a6337fd46ec98c32c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36878-3170-43c4-8380-46a3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:24.000Z",
"modified": "2015-08-06T14:00:24.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '0c8842e48e80643d91dd290d0f786147']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36878-6a38-4453-b818-40d5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:24.000Z",
"modified": "2015-08-06T14:00:24.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '0fc975c3c4e6c546b4f2b5aaed50dd78']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36878-523c-43b0-9130-4e11950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:24.000Z",
"modified": "2015-08-06T14:00:24.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '41be449f687828466ed7d87f0f30a278']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36878-d258-4837-9db2-4e26950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:24.000Z",
"modified": "2015-08-06T14:00:24.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '2b95caf3307ebd36cf405b1133b30aa8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36879-2e00-49d1-b8e3-47ca950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:25.000Z",
"modified": "2015-08-06T14:00:25.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'ccc715a4d9d0157b9776deacdb26bf78']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36879-6ccc-4bde-95f3-4888950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:25.000Z",
"modified": "2015-08-06T14:00:25.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '37933acfa8d8e78c54413d88ca705e17']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36879-d0fc-4d15-875b-4b2b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:25.000Z",
"modified": "2015-08-06T14:00:25.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '2813c5a1c87f7e3d33174fed8b0988a1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36879-adb4-489b-a437-4e9b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:25.000Z",
"modified": "2015-08-06T14:00:25.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '8f22834efe52ccefb17e768569eb36b9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36879-73bc-448e-a0e0-4599950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:25.000Z",
"modified": "2015-08-06T14:00:25.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '6f01628a0b5de757a8dbe99020499d10']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36879-a16c-45a7-94fb-48f3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:25.000Z",
"modified": "2015-08-06T14:00:25.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '7f8d9f12f41156512b60ab17f8d85fe9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c36879-0284-4809-a976-43b5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:25.000Z",
"modified": "2015-08-06T14:00:25.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'debe5ef2868b212f4251c58be1687660']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3687a-34bc-4564-818c-430e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:26.000Z",
"modified": "2015-08-06T14:00:26.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'e136d4ebab357fd19df8afe221460571']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3687a-ea54-4d23-ba16-4a1f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:26.000Z",
"modified": "2015-08-06T14:00:26.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'a86a906cfafaf1d7e3725bb0161b0cfe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3687a-2980-477c-9b94-4d5b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:26.000Z",
"modified": "2015-08-06T14:00:26.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '03e1eac3512a726da30fff41dbc26039']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3687a-59d8-4cad-a94a-4e7a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:26.000Z",
"modified": "2015-08-06T14:00:26.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'baac5e5dd3ce7dae56cab6d3dac14e15']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3687a-d218-4fe2-997e-48dd950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:26.000Z",
"modified": "2015-08-06T14:00:26.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '0f7dde31fbeb5ddbb6230c401ed41561']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3687a-77f0-4936-b314-4c68950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:26.000Z",
"modified": "2015-08-06T14:00:26.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '36d957f6058f954541450f5a85b28d4b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3687b-4e3c-4b59-a142-4a2c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:27.000Z",
"modified": "2015-08-06T14:00:27.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '42d874f91145bd2ddf818735346022d8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3687b-06f4-4fec-8d17-4068950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:27.000Z",
"modified": "2015-08-06T14:00:27.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '3468034fc3ac65c60a1f1231e3c45107']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3687b-bc60-4382-b196-4a4d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:27.000Z",
"modified": "2015-08-06T14:00:27.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '4e3b51a6a18bdb770fc38650a70b1883']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3687b-1fb8-4593-8432-43d4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:27.000Z",
"modified": "2015-08-06T14:00:27.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '3647068230839f9cadf0fd4bd82ade84']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3687b-5470-45bd-bb14-4e16950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:27.000Z",
"modified": "2015-08-06T14:00:27.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = '550922107d18aa4caad0267997709ee5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3687b-5144-4824-9c70-4769950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:27.000Z",
"modified": "2015-08-06T14:00:27.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'd8f0a6450f9df637daade521dc90d29d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3687c-e1d4-45b4-8735-40fe950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:28.000Z",
"modified": "2015-08-06T14:00:28.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'bf2e2283b19b0febc4bd1f47aa82a94c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3687c-a674-445a-81a9-4ef7950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:28.000Z",
"modified": "2015-08-06T14:00:28.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'd0eec2294a70ceff84ca8d0ed7939fb5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3687c-be94-4b1c-9c8e-472d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:28.000Z",
"modified": "2015-08-06T14:00:28.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'e91d2464c8767552036dd0294fc7e6fb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3687c-6030-4ea7-bbdd-48b1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:28.000Z",
"modified": "2015-08-06T14:00:28.000Z",
"description": "HttpBrowser RAT",
"pattern": "[file:hashes.MD5 = 'f627bc2db3cab34d97c8949931cb432d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3688a-0244-4c3a-8d9c-44f2950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:42.000Z",
"modified": "2015-08-06T14:00:42.000Z",
"description": "PlugX RAT dropper",
"pattern": "[file:hashes.MD5 = 'b313bbe17bd5ee9c00acff3bfccdb48a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3688a-88f0-46ad-8598-4347950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:42.000Z",
"modified": "2015-08-06T14:00:42.000Z",
"description": "PlugX RAT dropper",
"pattern": "[file:hashes.MD5 = 'f7a842eb1364d1269b40a344510068e8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3688b-9598-463c-aa27-4178950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:43.000Z",
"modified": "2015-08-06T14:00:43.000Z",
"description": "PlugX RAT dropper",
"pattern": "[file:hashes.MD5 = '8dacca7dd24844935fcd34e6c9609416']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3688b-0e7c-4b60-b601-428d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:43.000Z",
"modified": "2015-08-06T14:00:43.000Z",
"description": "PlugX RAT dropper",
"pattern": "[file:hashes.MD5 = '7cffd679599fb8579abae8f32ce49026']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55c3688b-4acc-46d1-bd6f-4da9950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:00:43.000Z",
"modified": "2015-08-06T14:00:43.000Z",
"description": "PlugX RAT dropper",
"pattern": "[file:hashes.MD5 = '462fd01302bc40624a44b7960d2894cd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-08-06T14:00:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--55c368e0-9228-44ef-b4c0-4541950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:02:08.000Z",
"modified": "2015-08-06T14:02:08.000Z",
"name": "CVE-2011-3544",
"labels": [
"misp:type=\"vulnerability\"",
"misp:category=\"Payload delivery\""
],
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2011-3544"
}
]
},
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--55c368e0-8118-4882-84a0-41fa950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-08-06T14:02:08.000Z",
"modified": "2015-08-06T14:02:08.000Z",
"name": "CVE-2010-0738",
"labels": [
"misp:type=\"vulnerability\"",
"misp:category=\"Payload delivery\""
],
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2010-0738"
}
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fc9-00bc-4521-ac22-599c950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:28:41.000Z",
"modified": "2016-02-19T01:28:41.000Z",
"description": "Automatically added (via 014122d7851fa8bf4070a8fc2acd5dc5)",
"pattern": "[file:hashes.SHA1 = '1a6fca14615bb29549f8f813565ec2619528e769']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:28:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fcc-9ef8-4710-9677-c651950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:28:44.000Z",
"modified": "2016-02-19T01:28:44.000Z",
"description": "Automatically added (via 380c02b1fd93eb22028862117a2f19e3)",
"pattern": "[file:hashes.SHA1 = '789c4fb1cfc2eb8cfe66e5407a75b10e5f9ea466']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:28:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fce-2f0c-406b-a770-c654950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:28:46.000Z",
"modified": "2016-02-19T01:28:46.000Z",
"description": "Automatically added (via 8ea5d8bb6b28191e4436456c35477e39)",
"pattern": "[file:hashes.SHA1 = '4b6e48e50642a43fd038ee5a21891d11d466ca76']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:28:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fd0-45bc-461e-afe0-59a1950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:28:48.000Z",
"modified": "2016-02-19T01:28:48.000Z",
"description": "Automatically added (via a554efc889714c70e9362bdc81fadd6a)",
"pattern": "[file:hashes.SHA1 = '02250681d57f7c5c0fa0de502153b7c4cf65ec91']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:28:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fd2-7628-4831-8a8c-599d950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:28:50.000Z",
"modified": "2016-02-19T01:28:50.000Z",
"description": "Automatically added (via 81ed752590752016cb1c12f3e9ab3454)",
"pattern": "[file:hashes.SHA1 = 'b20aa92329ea0288351dcc5d4334f517254f98af']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:28:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fd7-c844-4cf5-9d45-c653950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:28:55.000Z",
"modified": "2016-02-19T01:28:55.000Z",
"description": "Automatically added (via 40092f76fea082b05e9631d91975a401)",
"pattern": "[file:hashes.SHA1 = '8e02d4b03cc0fee18dfc9bec0f4f9a36c1577ae1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:28:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fdb-a3dc-4d99-81de-599c950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:28:59.000Z",
"modified": "2016-02-19T01:28:59.000Z",
"description": "Automatically added (via 37933acfa8d8e78c54413d88ca705e17)",
"pattern": "[file:hashes.SHA1 = '0f15471f07185ced8d80776bae760b7d69219c31']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:28:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fde-6268-48f4-b377-48e1950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:29:02.000Z",
"modified": "2016-02-19T01:29:02.000Z",
"description": "Automatically added (via bf2e2283b19b0febc4bd1f47aa82a94c)",
"pattern": "[file:hashes.SHA1 = '62ec1d4661c647ab8d18459b26b685711b3a3bb6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:29:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fdf-90f0-4af6-86cd-c650950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:29:03.000Z",
"modified": "2016-02-19T01:29:03.000Z",
"description": "Automatically added (via d0eec2294a70ceff84ca8d0ed7939fb5)",
"pattern": "[file:hashes.SHA1 = '46b32915d225a3206f19856f54413dbff3a7fc9b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:29:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fe0-563c-4210-92f3-599f950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:29:04.000Z",
"modified": "2016-02-19T01:29:04.000Z",
"description": "Automatically added (via e91d2464c8767552036dd0294fc7e6fb)",
"pattern": "[file:hashes.SHA1 = '84d9067c3af2ae137d0f7351b24ccbf68202bc7f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:29:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fe2-29fc-4dea-b6f7-5ca1950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:29:06.000Z",
"modified": "2016-02-19T01:29:06.000Z",
"description": "Automatically added (via f627bc2db3cab34d97c8949931cb432d)",
"pattern": "[file:hashes.SHA1 = 'f6690169da83c15379ab3d118df00ebfaed0ce28']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:29:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fe3-48e8-4749-868a-c651950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:29:07.000Z",
"modified": "2016-02-19T01:29:07.000Z",
"description": "Automatically added (via f7a842eb1364d1269b40a344510068e8)",
"pattern": "[file:hashes.SHA1 = '009743fda0d47802bee85f627e8727f7216c464b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:29:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fe5-13fc-4f66-924c-4c4b950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:29:09.000Z",
"modified": "2016-02-19T01:29:09.000Z",
"description": "Automatically added (via 7cffd679599fb8579abae8f32ce49026)",
"pattern": "[file:hashes.SHA1 = '8273be8d8666b8577bb7feb0d1134cbff199446f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:29:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fe6-094c-4448-b710-463c950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:29:10.000Z",
"modified": "2016-02-19T01:29:10.000Z",
"description": "Automatically added (via 86a05dcffe87caf7099dda44d9ec6b48)",
"pattern": "[file:hashes.SHA1 = '56c9ec1ee39c746ffb5b9c8c1ff1ebd1d62946cd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:29:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload installation"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload installation\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fca-3e74-4580-9285-c651950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:28:42.000Z",
"modified": "2016-02-19T01:28:42.000Z",
"description": "Automatically added (via 014122d7851fa8bf4070a8fc2acd5dc5)",
"pattern": "[file:hashes.SHA256 = '4ed906ee616d44603db4ce158930e1105f6a35d4edfd1a7b1a30b18b9b2f328e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:28:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fcc-fcc4-4cae-8c13-59a0950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:28:44.000Z",
"modified": "2016-02-19T01:28:44.000Z",
"description": "Automatically added (via 380c02b1fd93eb22028862117a2f19e3)",
"pattern": "[file:hashes.SHA256 = '8d2bfbd976f6361f6e069cf9d6c1141b6a88f05ac535cc9120183d9853fb23d1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:28:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fce-df60-4f03-991a-59a4950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:28:46.000Z",
"modified": "2016-02-19T01:28:46.000Z",
"description": "Automatically added (via 8ea5d8bb6b28191e4436456c35477e39)",
"pattern": "[file:hashes.SHA256 = '19be90c152f7a174835fd05a0b6f722e29c648969579ed7587ae036679e66a7b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:28:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fd0-5650-4895-8c3e-40f3950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:28:48.000Z",
"modified": "2016-02-19T01:28:48.000Z",
"description": "Automatically added (via a554efc889714c70e9362bdc81fadd6a)",
"pattern": "[file:hashes.SHA256 = '4073bbdcbc0d7e87a374d0eee0d0734f5acce91a2ae074d52462465598bd50f4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:28:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fd3-1828-4a72-9171-599f950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:28:51.000Z",
"modified": "2016-02-19T01:28:51.000Z",
"description": "Automatically added (via 81ed752590752016cb1c12f3e9ab3454)",
"pattern": "[file:hashes.SHA256 = '1052ad7f4d49542e4da07fa8ea59c15c40bc09a4d726fad023daafdf05866ebb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:28:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fd8-4cac-45f7-ae6d-c654950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:28:56.000Z",
"modified": "2016-02-19T01:28:56.000Z",
"description": "Automatically added (via 40092f76fea082b05e9631d91975a401)",
"pattern": "[file:hashes.SHA256 = '1277ede988438d4168bb5b135135dd3b9ae7d9badcdf1421132ca4692dd18386']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:28:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fdb-24d4-43b8-88b8-599f950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:28:59.000Z",
"modified": "2016-02-19T01:28:59.000Z",
"description": "Automatically added (via 37933acfa8d8e78c54413d88ca705e17)",
"pattern": "[file:hashes.SHA256 = '594b4eaaabe50023e6c6d0d82ed120f654771de8e7435821f4ff0e90696d3b88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:28:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fde-7534-49d5-a04d-5ca1950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:29:02.000Z",
"modified": "2016-02-19T01:29:02.000Z",
"description": "Automatically added (via bf2e2283b19b0febc4bd1f47aa82a94c)",
"pattern": "[file:hashes.SHA256 = 'fb61c5d96c4706708f367bc2b001c80c6f5f7da305b5cdf69bf282ceb5e49e66']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:29:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fe0-8dc0-4106-9f64-c652950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:29:04.000Z",
"modified": "2016-02-19T01:29:04.000Z",
"description": "Automatically added (via d0eec2294a70ceff84ca8d0ed7939fb5)",
"pattern": "[file:hashes.SHA256 = 'be334d1f8fa65a723af65200a166c2bbdb06690c8b30fafe772600e4662fc68b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:29:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fe1-dd60-4b20-8ab8-c653950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:29:05.000Z",
"modified": "2016-02-19T01:29:05.000Z",
"description": "Automatically added (via e91d2464c8767552036dd0294fc7e6fb)",
"pattern": "[file:hashes.SHA256 = '6c07092cd9f345c0e25bd2e405fb3fa8a3ea98556dd90928c84316d14765488b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:29:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fe2-f974-411c-8fbe-c650950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:29:06.000Z",
"modified": "2016-02-19T01:29:06.000Z",
"description": "Automatically added (via f627bc2db3cab34d97c8949931cb432d)",
"pattern": "[file:hashes.SHA256 = 'e2787bee7ca5a88c0ce2df60eddf9256931beade58f1468a6da49462143a5293']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:29:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fe4-7a7c-4d3b-bf29-43c0950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:29:08.000Z",
"modified": "2016-02-19T01:29:08.000Z",
"description": "Automatically added (via f7a842eb1364d1269b40a344510068e8)",
"pattern": "[file:hashes.SHA256 = '555952aa5bcca4fa5ad5a7269fece99b1a04816d104ecd8aefabaa1435f65fa5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:29:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fe5-019c-484b-93af-c654950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:29:09.000Z",
"modified": "2016-02-19T01:29:09.000Z",
"description": "Automatically added (via 7cffd679599fb8579abae8f32ce49026)",
"pattern": "[file:hashes.SHA256 = '65bbf0bd8c6e1ccdb60cf646d7084e1452cb111d97d21d6e8117b1944f3dc71e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:29:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--56c66fe7-3414-4ffb-a392-4ec6950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-02-19T01:29:11.000Z",
"modified": "2016-02-19T01:29:11.000Z",
"description": "Automatically added (via 86a05dcffe87caf7099dda44d9ec6b48)",
"pattern": "[file:hashes.SHA256 = '9873aa65dca6508710b01fe0bd97b464ea4e999666ee8d020781a289ee1a4dc5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-02-19T01:29:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload installation"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload installation\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue Copy permalink